ELA-609-1 ruby-nokogiri security update

denial of service vulnerability

Related CVEs CVE-2022-24836

It was discovered that there was a potential denial of service attack in ruby-nokogiri, a HTML, XML, SAX etc. parser written in/for the Ruby programming language. This was caused by the use of inefficient regular expressions that were susceptible to excessive backtracking.

For Debian 8 Jessie, these problems have been fixed in version

We recommend that you upgrade your ruby-nokogiri packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/