Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Fedora 10: 2009-13066 Moderate: Ruby Denial of Service Issue

fedora
Calendar Grey December 11, 2009
Dist Fedora Esm H88
Fedora 10 ruby patch addresses vulnerabilities in BigDecimal and corrects compilation problems on ARM architectures. Use yum to apply the enhancements.
Update to 1.8.6 p368 This package also fixes the build failure on arm -gnueabi systems (bug 506233), and DOS vulnerability issue on BigDecimal method (bug 504958, CVE-2009-1904)

Summary

Ruby is the interpreted scripting language for quick and easy

object-oriented programming. It has many features to process text

files and to do system management tasks (as in Perl). It is simple,

straight-forward, and extensible.

Update Information:

Update to 1.8.6 p368 This package also fixes the build failure on arm -gnueabi systems (bug 506233), and DOS vulnerability issue on BigDecimal method (bug 504958, CVE-2009-1904)

Topics%20covered

Topics Covered

security advisory security update DoS issue Fedora ruby package BigDecimal

Change Log

* Mon Dec 7 2009 Mamoru Tasaka - 1.8.6.386-2 - Patch for bigdecimal DOS issue (CVE-2009-1904, bug 504958) * Sun May 31 2009 Jeroen van Meeuwen - 1.8.6.368-1 - New upstream release (p368) * Sat Apr 11 2009 Mamoru Tasaka - 1.8.6.287-8 - Merge Review fix (#226381) * Wed Mar 18 2009 Jeroen van Meeuwen - 1.8.6.287-7 - Fix regression in CVE-2008-3790 (#485383) * Mon Mar 16 2009 Mamoru Tasaka - 1.8.6.287-6 - Again use -O2 optimization level - i586 should search i386-linux directory (on <= F-11) * Thu Mar 5 2009 Jeroen van Meeuwen - 1.8.6.287-5 - Rebuild for gcc4.4 * Fri Feb 27 2009 Jeroen van Meeuwen - 1.8.6.287-3 - CVE-2008-5189: CGI header injection.

References


[ 1 ] Bug #504958 - CVE-2009-1904 ruby: DoS vulnerability in BigDecimal https://bugzilla.redhat.com/show_bug.cgi?id=504958

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update ruby' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: ruby
Product: Fedora 10
Version: 1.8.6.368
Release: 2.fc10
URL: https://www.ruby-lang.org/
Summary: An interpreter of object-oriented scripting language

Topics%20covered

Topics Covered

security advisory security update DoS issue Fedora ruby package BigDecimal

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here