Mageia 2020-0121: ruby-rake security update
Summary
Updated ruby-rake package fixes security vulnerability:
There is an OS command injection vulnerability in Rake < 12.3.3 in
Rake::FileList when supplying a filename that begins with the pipe
character (CVE-2020-8130).
References
- https://bugs.mageia.org/show_bug.cgi?id=26266
- https://www.debian.org/lts/security/2020/dla-2120
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8130
Resolution
MGASA-2020-0121 - Updated ruby-rake packages fix security vulnerability
SRPMS
- 7/core/ruby-rake-12.3.0-21.mga7