Public bug reported:
This issue occurred during the process of executing the dbtoepub command
to generate PostgreSQL Document Epub files, resulting in an error.
In the file debian/patches/CVE-2024-41946.patch, there is a section
using Security as in if sum > Security.entity_expansion_text_limit,
which should be corrected to if sum >
REXML::Security.entity_expansion_text_limit.
Therefore, the CVE code needs to be modified. The CVE code requires
changes from Security.entity... to REXML::Security.entity....
This was discovered on Ubuntu 24.04.3 LTS, and the same issue may exist
in subsequent packages.
** Affects: ruby3.2 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2125833
Title:
There is an error in the CVE-2024-41946 patch.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ruby3.2/+bug/2125833/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
