{"affected":[{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:HPE Helion OpenStack 8","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=HPE%20Helion%20OpenStack%208"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2","yast2-ruby-bindings":"3.1.53-9.8.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 7","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2","yast2-ruby-bindings":"3.1.53-9.8.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 7","name":"yast2-ruby-bindings","purl":"pkg:rpm/suse/yast2-ruby-bindings&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.53-9.8.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 8","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20OpenStack%20Cloud%208"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud Crowbar 8","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2","yast2-ruby-bindings":"3.1.53-9.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2","yast2-ruby-bindings":"3.1.53-9.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","name":"yast2-ruby-bindings","purl":"pkg:rpm/suse/yast2-ruby-bindings&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.53-9.8.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP3","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ruby2.1-devel":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP4","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ruby2.1-devel":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2","yast2-ruby-bindings":"3.1.53-9.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2-LTSS","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2","yast2-ruby-bindings":"3.1.53-9.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2-LTSS","name":"yast2-ruby-bindings","purl":"pkg:rpm/suse/yast2-ruby-bindings&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.53-9.8.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2","yast2-ruby-bindings":"3.1.53-9.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2-BCL","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2","yast2-ruby-bindings":"3.1.53-9.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2-BCL","name":"yast2-ruby-bindings","purl":"pkg:rpm/suse/yast2-ruby-bindings&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.53-9.8.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP3-LTSS","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP3-BCL","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP4","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libruby2_1-2_1":"2.1.9-19.3.2","ruby2.1":"2.1.9-19.3.2","ruby2.1-stdlib":"2.1.9-19.3.2"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 5","name":"ruby2.1","purl":"pkg:rpm/suse/ruby2.1&distro=SUSE%20Enterprise%20Storage%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.9-19.3.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ruby2.1 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2015-9096: Fixed an SMTP command injection via CRLFsequences in a RCPT TO or MAIL FROM command (bsc#1043983).\n- CVE-2016-7798: Fixed an IV Reuse in GCM Mode (bsc#1055265).\n- CVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf (bsc#1058755).\n- CVE-2017-0899: Fixed an issue with malicious gem specifications, insufficient sanitation when printing gem specifications could have included terminal characters (bsc#1056286).\n- CVE-2017-0900: Fixed an issue with malicious gem specifications, the query command could have led to a denial of service attack against clients (bsc#1056286).\n- CVE-2017-0901: Fixed an issue with malicious gem specifications, potentially overwriting arbitrary files on the client system (bsc#1056286).\n- CVE-2017-0902: Fixed an issue with malicious gem specifications, that could have enabled MITM attacks against clients (bsc#1056286).\n- CVE-2017-0903: Fixed an unsafe object deserialization vulnerability (bsc#1062452).\n- CVE-2017-9228: Fixed a heap out-of-bounds write in bitset_set_range() during regex compilation (bsc#1069607).\n- CVE-2017-9229: Fixed an invalid pointer dereference in left_adjust_char_head() in oniguruma (bsc#1069632).\n- CVE-2017-10784: Fixed an escape sequence injection vulnerability in the Basic authentication of WEBrick (bsc#1058754).\n- CVE-2017-14033: Fixed a buffer underrun vulnerability in OpenSSL ASN1 decode (bsc#1058757).\n- CVE-2017-14064: Fixed an arbitrary memory exposure during a JSON.generate call (bsc#1056782).\n- CVE-2017-17405: Fixed a command injection vulnerability in Net::FTP (bsc#1073002).\n- CVE-2017-17742: Fixed an HTTP response splitting issue in WEBrick (bsc#1087434).\n- CVE-2017-17790: Fixed a command injection in lib/resolv.rb:lazy_initialize() (bsc#1078782).\n- CVE-2018-6914: Fixed an unintentional file and directory creation with directory traversal in tempfile and tmpdir (bsc#1087441).\n- CVE-2018-8777: Fixed a potential DoS caused by large requests in WEBrick (bsc#1087436).\n- CVE-2018-8778: Fixed a buffer under-read in String#unpack (bsc#1087433).\n- CVE-2018-8779: Fixed an unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket (bsc#1087440).\n- CVE-2018-8780: Fixed an unintentional directory traversal by poisoned NUL byte in Dir (bsc#1087437).\n- CVE-2018-16395: Fixed an issue with OpenSSL::X509::Name equality checking (bsc#1112530).\n- CVE-2018-16396: Fixed an issue with tainted string handling, where the flag was not propagated in Array#pack and String#unpack with some directives (bsc#1112532).\n- CVE-2018-1000073: Fixed a path traversal issue (bsc#1082007).\n- CVE-2018-1000074: Fixed an unsafe object deserialization vulnerability in gem owner, allowing arbitrary code execution with specially crafted YAML (bsc#1082008).\n- CVE-2018-1000075: Fixed an infinite loop vulnerability due to negative size in tar header causes Denial of Service (bsc#1082014).\n- CVE-2018-1000076: Fixed an improper verification of signatures in tarballs (bsc#1082009).\n- CVE-2018-1000077: Fixed an improper URL validation in the homepage attribute of ruby gems (bsc#1082010).\n- CVE-2018-1000078: Fixed a XSS vulnerability in the homepage attribute when displayed via gem server (bsc#1082011).\n- CVE-2018-1000079: Fixed a path traversal issue during gem installation allows to write to arbitrary filesystem locations (bsc#1082058).\n- CVE-2019-8320: Fixed a directory traversal issue when decompressing tar files (bsc#1130627).\n- CVE-2019-8321: Fixed an escape sequence injection vulnerability in verbose (bsc#1130623).\n- CVE-2019-8322: Fixed an escape sequence injection vulnerability in gem owner (bsc#1130622).\n- CVE-2019-8323: Fixed an escape sequence injection vulnerability in API response handling (bsc#1130620).\n- CVE-2019-8324: Fixed an issue with malicious gems that may have led to arbitrary code execution (bsc#1130617).\n- CVE-2019-8325: Fixed an escape sequence injection vulnerability in errors (bsc#1130611).\n- CVE-2019-15845: Fixed a NUL injection vulnerability in File.fnmatch and File.fnmatch? (bsc#1152994).\n- CVE-2019-16201: Fixed a regular expression denial of service vulnerability in WEBrick's digest access authentication (bsc#1152995).\n- CVE-2019-16254: Fixed an HTTP response splitting vulnerability in WEBrick (bsc#1152992).\n- CVE-2019-16255: Fixed a code injection vulnerability in Shell#[] and Shell#test (bsc#1152990).\n- CVE-2020-10663: Fixed an unsafe object creation vulnerability in JSON (bsc#1171517).\n\nNon-security issue fixed:\n\n- Add conflicts to libruby to make sure ruby and ruby-stdlib are also updated when libruby is updated (bsc#1048072).\n\nAlso yast2-ruby-bindings on SLES 12 SP2 LTSS was updated to handle the updated ruby interpreter. (bsc#1172275)\n","id":"SUSE-SU-2020:1570-1","modified":"2020-06-09T09:16:12Z","published":"2020-06-09T09:16:12Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-20201570-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1043983"},{"type":"REPORT","url":"https://bugzilla.suse.com/1048072"},{"type":"REPORT","url":"https://bugzilla.suse.com/1055265"},{"type":"REPORT","url":"https://bugzilla.suse.com/1056286"},{"type":"REPORT","url":"https://bugzilla.suse.com/1056782"},{"type":"REPORT","url":"https://bugzilla.suse.com/1058754"},{"type":"REPORT","url":"https://bugzilla.suse.com/1058755"},{"type":"REPORT","url":"https://bugzilla.suse.com/1058757"},{"type":"REPORT","url":"https://bugzilla.suse.com/1062452"},{"type":"REPORT","url":"https://bugzilla.suse.com/1069607"},{"type":"REPORT","url":"https://bugzilla.suse.com/1069632"},{"type":"REPORT","url":"https://bugzilla.suse.com/1073002"},{"type":"REPORT","url":"https://bugzilla.suse.com/1078782"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082007"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082008"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082009"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082010"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082011"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082014"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082058"},{"type":"REPORT","url":"https://bugzilla.suse.com/1087433"},{"type":"REPORT","url":"https://bugzilla.suse.com/1087434"},{"type":"REPORT","url":"https://bugzilla.suse.com/1087436"},{"type":"REPORT","url":"https://bugzilla.suse.com/1087437"},{"type":"REPORT","url":"https://bugzilla.suse.com/1087440"},{"type":"REPORT","url":"https://bugzilla.suse.com/1087441"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112530"},{"type":"REPORT","url":"https://bugzilla.suse.com/1112532"},{"type":"REPORT","url":"https://bugzilla.suse.com/1130611"},{"type":"REPORT","url":"https://bugzilla.suse.com/1130617"},{"type":"REPORT","url":"https://bugzilla.suse.com/1130620"},{"type":"REPORT","url":"https://bugzilla.suse.com/1130622"},{"type":"REPORT","url":"https://bugzilla.suse.com/1130623"},{"type":"REPORT","url":"https://bugzilla.suse.com/1130627"},{"type":"REPORT","url":"https://bugzilla.suse.com/1152990"},{"type":"REPORT","url":"https://bugzilla.suse.com/1152992"},{"type":"REPORT","url":"https://bugzilla.suse.com/1152994"},{"type":"REPORT","url":"https://bugzilla.suse.com/1152995"},{"type":"REPORT","url":"https://bugzilla.suse.com/1171517"},{"type":"REPORT","url":"https://bugzilla.suse.com/1172275"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-9096"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2339"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-7798"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-0898"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-0899"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-0900"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-0901"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-0902"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-0903"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10784"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-14033"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-14064"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-17405"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-17742"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-17790"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-9228"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-9229"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000073"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000074"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000075"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000076"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000077"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000078"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000079"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-16395"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-16396"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-6914"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-8777"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-8778"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-8779"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-8780"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15845"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-16201"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-16254"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-16255"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-8320"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-8321"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-8322"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-8323"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-8324"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-8325"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-10663"}],"related":["CVE-2015-9096","CVE-2016-2339","CVE-2016-7798","CVE-2017-0898","CVE-2017-0899","CVE-2017-0900","CVE-2017-0901","CVE-2017-0902","CVE-2017-0903","CVE-2017-10784","CVE-2017-14033","CVE-2017-14064","CVE-2017-17405","CVE-2017-17742","CVE-2017-17790","CVE-2017-9228","CVE-2017-9229","CVE-2018-1000073","CVE-2018-1000074","CVE-2018-1000075","CVE-2018-1000076","CVE-2018-1000077","CVE-2018-1000078","CVE-2018-1000079","CVE-2018-16395","CVE-2018-16396","CVE-2018-6914","CVE-2018-8777","CVE-2018-8778","CVE-2018-8779","CVE-2018-8780","CVE-2019-15845","CVE-2019-16201","CVE-2019-16254","CVE-2019-16255","CVE-2019-8320","CVE-2019-8321","CVE-2019-8322","CVE-2019-8323","CVE-2019-8324","CVE-2019-8325","CVE-2020-10663"],"summary":"Security update for ruby2.1","upstream":["CVE-2015-9096","CVE-2016-2339","CVE-2016-7798","CVE-2017-0898","CVE-2017-0899","CVE-2017-0900","CVE-2017-0901","CVE-2017-0902","CVE-2017-0903","CVE-2017-10784","CVE-2017-14033","CVE-2017-14064","CVE-2017-17405","CVE-2017-17742","CVE-2017-17790","CVE-2017-9228","CVE-2017-9229","CVE-2018-1000073","CVE-2018-1000074","CVE-2018-1000075","CVE-2018-1000076","CVE-2018-1000077","CVE-2018-1000078","CVE-2018-1000079","CVE-2018-16395","CVE-2018-16396","CVE-2018-6914","CVE-2018-8777","CVE-2018-8778","CVE-2018-8779","CVE-2018-8780","CVE-2019-15845","CVE-2019-16201","CVE-2019-16254","CVE-2019-16255","CVE-2019-8320","CVE-2019-8321","CVE-2019-8322","CVE-2019-8323","CVE-2019-8324","CVE-2019-8325","CVE-2020-10663"]}