drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Fehlerhafte Initialisierung des Zufallsgenerators in Ruby
Name: |
Fehlerhafte Initialisierung des Zufallsgenerators in Ruby |
|
ID: |
FEDORA-2011-9374 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 14 |
|
Datum: |
Di, 26. Juli 2011, 15:17 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2686 |
|
Applikationen: |
Ruby |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2011-9374 2011-07-16 06:46:45 ------------------------------------------------------------------------------- -
Name : ruby Product : Fedora 14 Version : 1.8.7.352 Release : 1.fc14 URL : http://www.ruby-lang.org/ Summary : An interpreter of object-oriented scripting language Description : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible.
------------------------------------------------------------------------------- - Update Information:
New version 1.8.7p352 is released, fixing randomization process in forked process (CVE-2011-2686). Also ruby path is fixed to have no duplicate directories on all archs. ------------------------------------------------------------------------------- - ChangeLog:
* Sat Jul 16 2011 Mamoru Tasaka <mtasaka@fedoraproject.org> - 1.8.7.352-1 - Update to 1.8.7 p352 - CVE-2011-2686 is fixed in this version (bug 722415) - Update ext/tk to the latest git - Remove duplicate path entry (bug 718695) * Thu Jul 14 2011 Mamoru Tasaka <mtasaka@fedoraproject.org> - 1.8.7.334-4 - Once fix FTBFS (bug 716021) * Mon Jul 11 2011 Dennis Gilmore <dennis@ausil.us> - 1.8.7.334-3 - normalise arm cpus to arm * Mon May 30 2011 Mamoru Tasaka <mtasaka@fedoraproject.org> - 1.8.7.334-2 - Own %{_normalized_cpu}-%{_target_os} directory (bug 708816) * Sat Feb 19 2011 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.7.334-1 - Update to 1.8.7 p334 * Wed Feb 9 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.7.330-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Jan 2 2011 Dennis Gilmore <dennis@ausil.us> - 1.8.7.330-2 - nomalise the 32 bit sparc archs to sparc * Sun Dec 26 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.7.330-1 - Update to 1.8.7 p330 - ext/tk updated to the newest header * Thu Nov 4 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.7.302-2 - Avoid multilib conflict on -libs subpackage (bug 649174) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #722415 - CVE-2011-2686 CVE-2011-2705 ruby: Properly initialize the random number generator when forking new process https://bugzilla.redhat.com/show_bug.cgi?id=722415 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update ruby' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|