+++ This bug was initially created as a clone of Bug #29004 +++ Ubuntu has issued an advisory on April 20: https://ubuntu.com/security/notices/USN-4922-1 The issue is fixed upstream in 2.7.3. Ubuntu has a patch for 2.5.x. Mageia 7 and Mageia 8 are also affected.
Depends on: 29004 => (none)
Status comment: (none) => Fixed upstream in 2.7.5
Assignee: bugsquad => pterjan
Ubuntu has issued an advisory for the last three CVEs on January 18: https://ubuntu.com/security/notices/USN-5235-1
Ruby 3.1.0 is in cauldron
Closing
Status: NEW => RESOLVEDResolution: (none) => FIXED