Package        : jruby
Version        : 1.5.6-9+deb8u1
CVE ID         : CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076
                 CVE-2018-1000077 CVE-2018-1000078 CVE-2019-8321
                 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325
Debian Bug     : 895778 925987


Multiple vulnerabilities have been discovered in jruby, a Java
implementation of the Ruby programming language. All of them lie in the
RubyGems code that jruby bundles.

CVE-2018-1000074

    Deserialization of untrusted data in the `gem owner` command can result
    in code execution. The victim must run `gem owner` on a gem with a
    specially crafted YAML file.
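
The following is an added example for CVE-2018-1000074, not RubyGems or JRuby code. It shows the difference that matters here: a YAML document carrying a `!ruby/object` tag is rejected outright by `Psych.safe_load`, whereas an unrestricted loader would instantiate the named class. Both YAML documents are constructed for the example; the class name in the hostile one is arbitrary.

```ruby
require 'psych'

# Added example for CVE-2018-1000074; this is not RubyGems or JRuby code.
# Constructed YAML standing in for the untrusted document that reaches
# `gem owner`. The !ruby/object tag asks an unrestricted loader to
# instantiate an arbitrary Ruby class and fill its instance variables, which
# is the deserialization primitive behind the CVE. The class name is arbitrary.
HOSTILE_METADATA = <<~YAML
  --- !ruby/object:Gem::Installer
  gem_dir: /tmp/x
YAML

# Constructed benign metadata: only plain scalars, a mapping and a sequence.
BENIGN_METADATA = <<~YAML
  name: example
  version: "1.0.0"
  owners:
    - handle: alice
      email: alice@example.org
YAML

# Load untrusted YAML with Psych.safe_load, which only builds core types
# (Hash, Array, String, Integer, Float, nil, true/false) and raises
# Psych::DisallowedClass for any tag that names a Ruby class.
def load_untrusted_yaml(yaml)
  [:ok, Psych.safe_load(yaml)]
rescue Psych::DisallowedClass, Psych::SyntaxError => e
  [:rejected, e.message]
end

if $PROGRAM_NAME == __FILE__
  p load_untrusted_yaml(BENIGN_METADATA)
  p load_untrusted_yaml(HOSTILE_METADATA)
end
```

The rescue clause turns the loader's exception into a result the caller can act on instead of letting a hostile document abort the command with a stack trace; what the command does with the rejection is up to the caller.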

CVE-2018-1000075

    A negative size in the tar header of a gem package is not rejected and
    causes an infinite loop (denial of service).
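
The following is an added example for CVE-2018-1000075, not RubyGems or JRuby code. It builds a constructed ustar header, parses the octal size field the way a gem unpacker has to, and shows the one check that matters: `String#oct` accepts a leading minus sign, so the size must be tested for a negative value before it is used as a read length, seek offset or loop bound.

```ruby
# Added example for CVE-2018-1000075; this is not RubyGems or JRuby code.
# A gem is a tar archive; each entry starts with a 512-byte ustar header whose
# size field (offset 124, 12 bytes) is octal ASCII. String#oct accepts a
# leading minus sign, so "-0000000001" becomes -1, and an unpacker that uses
# that number to decide how much to read or skip can spin forever.

BLOCK_SIZE = 512

# Build a constructed ustar header; only the fields this example reads are set.
def make_header(name, size_field)
  header = ("\0" * BLOCK_SIZE).b
  header[0, name.size] = name                    # name, offset 0, 100 bytes
  header[100, 8] = "0000644\0"                   # mode
  header[124, 12] = size_field.ljust(12, "\0")   # size, offset 124, 12 bytes
  header[156, 1] = "0"                           # typeflag: regular file
  header[257, 6] = "ustar\0"                     # magic
  header
end

# Parse the size field defensively: reject short headers, empty, non-octal
# and negative values before the number is used for anything.
def parse_size(header)
  raise ArgumentError, "short header" unless header.bytesize == BLOCK_SIZE
  raw = header.byteslice(124, 12).sub(/\0.*/m, "").strip
  raise ArgumentError, "empty size field" if raw.empty?
  unless raw =~ /\A-?[0-7]+\z/
    raise ArgumentError, "non-octal size field: #{raw.inspect}"
  end
  size = raw.oct                    # "-0000000001".oct => -1
  raise ArgumentError, "negative size in tar header: #{size}" if size < 0
  size
end

# Number of 512-byte data blocks that follow the header; only meaningful
# after parse_size has rejected negative sizes.
def data_blocks(size)
  (size + BLOCK_SIZE - 1) / BLOCK_SIZE
end

if $PROGRAM_NAME == __FILE__
  p parse_size(make_header("a.txt", "00000000012"))   # octal 12 = 10 bytes
  begin
    parse_size(make_header("evil", "-0000000001"))
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```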

CVE-2018-1000076

    Improper verification of cryptographic signatures in package.rb: a
    tarball containing multiple gem signatures could cause a mis-signed gem
    to be installed.

CVE-2018-1000077

    Improper input validation of the homepage attribute of a gem
    specification: a malicious gem could set an invalid homepage URL.

CVE-2018-1000078

    Cross-site scripting (XSS) in the gem server's display of the homepage
    attribute. The victim must browse to a malicious gem on a vulnerable gem
    server.
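
The following is an added example covering CVE-2018-1000077 and CVE-2018-1000078 together, not RubyGems or JRuby code. The two issues are two halves of one problem: the homepage attribute is text chosen by whoever built the gem, and a gem server later renders it as a link. The example validates the value as an http(s) URL when the spec is loaded and, separately, HTML-escapes it where it is rendered. `homepage_link` is a hypothetical rendering helper written for this example.

```ruby
require 'uri'
require 'cgi'

# Added example for CVE-2018-1000077 and CVE-2018-1000078; this is not
# RubyGems or JRuby code. The homepage attribute of a gemspec is text chosen
# by whoever built the gem, and a gem server renders it as a link. Two
# separate controls are needed: accept only http(s) URLs when the spec is
# validated, and HTML-escape the value at the point where it is rendered.

# Validation at spec-load time: an absent homepage is fine, anything else
# must parse as a URI with an http or https scheme and a non-empty host.
# This stops "javascript:" and "data:" URLs as well as values that are not
# URLs at all (URI.parse raises on characters such as '"', '<' and spaces).
def valid_homepage?(value)
  return true if value.nil? || value.empty?
  uri = URI.parse(value)
  %w[http https].include?(uri.scheme) && !uri.host.nil? && !uri.host.empty?
rescue URI::InvalidURIError
  false
end

# Rendering (hypothetical helper for a gem index page): escape the value in
# both the attribute and the text node even though it was validated, so a
# value that slipped past validation still cannot break out of the markup.
def homepage_link(value)
  raise ArgumentError, "invalid homepage: #{value.inspect}" unless valid_homepage?(value)
  return "" if value.nil? || value.empty?
  escaped = CGI.escapeHTML(value)
  %(<a href="#{escaped}">#{escaped}</a>)
end

if $PROGRAM_NAME == __FILE__
  p valid_homepage?("https://example.org/gem")
  p valid_homepage?("javascript:alert(1)")
  puts homepage_link("https://example.org/?a=1&b=2")
end
```

Validation and escaping are kept separate on purpose: validation protects every consumer of the field, escaping protects the one HTML context, and neither is a substitute for the other.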

CVE-2019-8321

    Gem::UserInteraction#verbose calls say without escaping its argument,
    so escape sequence injection is possible.

CVE-2019-8322

    The gem owner command outputs the contents of the API response
    directly to stdout, so a crafted response can inject escape
    sequences.

CVE-2019-8323

    Gem::GemcutterUtilities#with_response may output the API response to
    stdout as it is, so a response modified on the API side can inject
    escape sequences.

CVE-2019-8324

    A crafted gem with a multi-line name is not handled correctly, so an
    attacker could inject arbitrary code into the stub line of the
    gemspec.

CVE-2019-8325

    Gem::CommandManager#run calls alert_error without escaping its
    argument, so escape sequence injection is possible. (There are many
    ways to cause an error.)
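
The following is an added example covering CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324 and CVE-2019-8325 together, not RubyGems or JRuby code. The escape-sequence issues share one fix, cleaning untrusted text before it reaches the terminal, and the multi-line name issue is the same class of bug in a different sink, a generated gemspec. `clean_text`, `safe_say` and `stub_line` are helpers written for this example; the crafted API response is constructed.

```ruby
# Added example for CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324
# and CVE-2019-8325; this is not RubyGems or JRuby code. Gem metadata and API
# responses are attacker-influenced text that ends up in two sensitive places:
# the user's terminal, where control characters drive the terminal, and a
# generated gemspec file, where a line break turns data into Ruby source.

# C0 control characters other than tab and newline, plus DEL. ESC (0x1b)
# starts terminal escape sequences; CR (0x0d) lets a message overwrite the
# line it is printed on; BEL and backspace are nearly as useful to an
# attacker who wants to hide or fake output.
TERMINAL_CONTROLS = /[\x00-\x08\x0b-\x1f\x7f]/

# Make untrusted text safe to print: each control byte becomes a visible
# \xHH escape, so the message stays readable and the terminal stays inert.
def clean_text(text)
  text.to_s.gsub(TERMINAL_CONTROLS) { |c| format("\\x%02X", c.ord) }
end

# A stand-in for say / alert_error: returns the cleaned line so it can be
# checked, and prints it only when an IO is given.
def safe_say(message, io = nil)
  line = clean_text(message)
  io.puts(line) if io
  line
end

# Constructed API response body of the kind `gem owner` echoes to stdout:
# the escape sequences clear the line and move the cursor to column 1, so
# the real output is replaced by an attacker-chosen message, then ring BEL.
CRAFTED_RESPONSE = "\e[2K\e[1GOwner added: attacker@example.org\a"

# Stub line modelled on the "# stub: NAME VERSION PLATFORM REQUIRE_PATHS"
# comment RubyGems writes at the top of an installed gemspec. Because the
# line is a Ruby comment, a NAME containing "\n" ends the comment and
# everything after the newline is parsed as Ruby when the spec is loaded.
# Reject line breaks in every field before the line is built.
def stub_line(name, version, platform = "ruby", require_paths = ["lib"])
  [name, version, platform, *require_paths].each do |field|
    if field.to_s =~ /[\r\n]/
      raise ArgumentError, "line break in gemspec field: #{clean_text(field).inspect}"
    end
  end
  "# stub: #{name} #{version} #{platform} #{require_paths.join("\0")}"
end

if $PROGRAM_NAME == __FILE__
  safe_say(CRAFTED_RESPONSE, $stdout)
  puts stub_line("rake", "12.3.0")
  begin
    stub_line("rake\nsystem('id')", "1.0")
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```

Escaping to a visible `\xHH` rather than deleting the byte keeps evidence of the attempt in logs and screenshots; a silent strip would hide that a response or gem was hostile.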

For Debian 8 "Jessie", these problems have been fixed in version
1.5.6-9+deb8u1.

We recommend that you upgrade your jruby packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-1796-1: jruby security update

May 20, 2019