1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5635-1] yard security update

    From Moritz Muehlenhoff@21:1/5 to All on Mon Mar 4 21:50:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5635-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    March 04, 2024 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : yard
    CVE ID : CVE-2024-27285

    Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was
    vulnerable to cross-site scripting.

    For the oldstable distribution (bullseye), this problem has been fixed
    in version 0.9.24-1+deb11u1.

    For the stable distribution (bookworm), this problem has been fixed in
    version 0.9.28-2+deb12u2.

    We recommend that you upgrade your yard packages.

    For the detailed security status of yard please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/yard

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXmMwMACgkQEMKTtsN8 TjYteA/+OJKIMLYc36uSErez5guFT6OYcCINkwjm8Uv+7S9lkBp3aq80agghHHPw oghyZaW/2VohG/nDEFXh5g/NUPNFT+/044ymLsSMgJOF8C80+K6xJ7C/lHBeqYOM IjxzWuooWe0pL7ZLMpZHIipvbVtlS/M+GkjBudPMptMdk8hxfX3zlNgzJqxvZdE7 dOu/eTqUOc+aOXRo7NPXkYfqkzkJxwy6DFnkRMrVd9IvHcYOs3Aw0EQE92QTsB68 etFwakgmZZOzLW1ubkYJWGXGKq0ASWuGOlSUGjx62KiGWR53iIGUhY4VEQRUDjmP OVDoxOePO1Vr0W6UPqbsrGqSyKwpU8lqQKqAGbOJyw5XsnOjhu/fk1q9J3DRA/oa 8fc/6Vgt+Ys8nOj1YHW+SbxjseRnGFraPqq88ICJ1Lg/UsxHn1RcO1dozClKI+Fx LlbyZMFETA1yfy2+iHu6go5jQDTjQHuLk4aUzSAf1y6a8507QWyQSThB+9gehIs+ GxTLRzYIOTgB40xrE5vaouVvZb5Qg9j9P1j2DY3+R8+ig+15nnMaVRSAQFaXl+9V yn3STUox9lvhxBB7tCYEWV4P6IPQqjwsNWMKZR0gfmpJxrql3cUCkFTH68prMfWN bPYfsqVrnVkWQMzkqb1NvAdyYP3TJYEDdG1oI09vIye4d6VXbW4=
    =CnLF
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)