-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3077-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Chris Lamb August 18, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : ruby-tzinfo Version : 1.2.5-1+deb10u1 CVE ID : CVE-2022-31163 It was discovered that there was a potential directory traversal vulnerablilty in ruby-tzinfo, a timezone library for the Ruby programming language. For Debian 10 "Buster", this problem has been fixed in version 1.2.5-1+deb10u1. We recommend that you upgrade your ruby-tzinfo packages. For the detailed security status of ruby-tzinfo please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ruby-tzinfo Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmL+etgACgkQHpU+J9Qx HljDEg/+LjvW6LY/EImY/bLQF0Fez2A7Wgn5Y/hhSS8A7ibbqGVChS6NQ5FYBQie 7+/1og01DsLc/z/J0HkKhTL+6jrRCowKuKj3xUdnbvpd7HeeGE0jCgekG7cr/DE2 O61dFYy+XXWWkS3abO8l9wGskzVf5lyN6zXlNMewIt//8awqsY17mbkdEM/mN+uo SL+200+I1kWkWJFZTV5d6xJeDNQZFiQiOElzG8eFsgds15AERM7xbRzi0hPayu3h 0ICMt87nsGsJeRxKuzqI9Anm/qRb+zagqsO8D2k6TH/7jto1O6fAanOOKhetFHB5 itc4DW4YOm48HutGtEcBYwtv7rDk7PL7bMA53TIgQihccVVE2Ywg3fR1x2jXXiMj /XTw+a/rPZoXDxD3V+z4hrdYoXBmWgWzCWYCV+39s+46q0JtXMv4e6c1Th4zeSx6 gtNJ954qzL5/1aN1ImzEUJ3EAbTf/qetR0M1+DYVcXz7c4RlPGbdIJbGOuL+lbyM q17FMXcHlpTrj7ez1+7qqDZuKSlepf7lMLXSSNGNJEPcZUdwekS+3KeOtukiiLty b8BMrKmTEl6UUn5Y9z6mdkmBR45+wWeVwOo8cDZ61TtBGCr9xZnSNK8S1P/YGFCR oGqJOfqp4cZzFKfUhgQCQgzKKS1/wbicun5d9X8snWtwiHps7yE= =QzF7 -----END PGP SIGNATURE-----