Mehrere Probleme in Ruby
ID: | FEDORA-2012-15507 |
Distribution: | Fedora |
Plattformen: | Fedora 16 |
Datum: | So, 14. Oktober 2012, 10:34 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4464 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4466 |
Applikationen: | Ruby |
Originalnachricht |
|
Name : ruby Product : Fedora 16 Version : 1.8.7.358 Release : 4.fc16 URL : http://www.ruby-lang.org/ Summary : An interpreter of object-oriented scripting language Description : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. -------------------------------------------------------------------------------- Update Information: Some security flaws were found on ruby currently shipped on Fedora 17 where malicious user can bypass safe mechanize by raising exception intentionally and make arbitrary strings tainted. This flaw were now registered as CVE-2012-4464 and CVE-2012-4466. Note that CVE-2012-4464 is basically the same as CVE-2011-1005, which was supposed to be already fixed on ruby 1.8.x branch but it proved that the fix was incomplete. This new rpm will fix the above issue. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Mamoru Tasaka |