Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack.
{ "availability": "No subscription needed", "binaries": [ { "ruby2.5": "2.5.1-1ubuntu1.9", "libruby2.5": "2.5.1-1ubuntu1.9", "ruby2.5-dev": "2.5.1-1ubuntu1.9", "ruby2.5-doc": "2.5.1-1ubuntu1.9" } ] }
{ "availability": "No subscription needed", "binaries": [ { "ruby2.7-doc": "2.7.0-5ubuntu1.4", "ruby2.7": "2.7.0-5ubuntu1.4", "libruby2.7": "2.7.0-5ubuntu1.4", "ruby2.7-dev": "2.7.0-5ubuntu1.4" } ] }
{ "availability": "No subscription needed", "binaries": [ { "ruby2.3-doc": "2.3.1-2~ubuntu16.04.16", "ruby2.3-dev": "2.3.1-2~ubuntu16.04.16", "ruby2.3-tcltk": "2.3.1-2~ubuntu16.04.16", "libruby2.3": "2.3.1-2~ubuntu16.04.16", "ruby2.3": "2.3.1-2~ubuntu16.04.16" } ] }