Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Red Hat RHSA-2004:441-01 Critical: Ruby CGI File Permissions Flaw

Calendar Sep 30, 2004 User Avatar LinuxSecurity Advisories
4 - 7 min read
Redhat Large Esm H500
Topics%20covered

Topics Covered

security advisory security issue Red Hat critical file permission CGI ruby package
An updated ruby package that fixes insecure file permissions for CGI session files is now available. 

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated ruby package fixes security flaw
Advisory ID:       RHSA-2004:441-01
Issue date:        2004-09-30
Updated on:        2004-09-30
Product:           Red Hat Enterprise Linux
Keywords:          file permission
CVE Names:         CAN-2004-0755
---------------------------------------------------------------------

1. Summary:

An updated ruby package that fixes insecure file permissions for CGI session
files is now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Ruby is an interpreted scripting language for object-oriented programming.

Andres Salomon reported an insecure file permissions flaw in the CGI
session management of Ruby.  FileStore created world readable files that
could allow a malicious local user the ability to read CGI session data.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0755 to this issue.

Users are advised to upgrade to this erratum package, which contains a
backported patch to CGI::Session FileStore.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

     https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/

5. Bug IDs fixed  (http://bugzilla.redhat.com/ for more info):

130065 - CAN-2004-0755 ruby insecure file permissions

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS: 

eb97376e716aa09d718d5afc0f4a0020  ruby-1.6.4-2.AS21.0.src.rpm

i386:
8570dca43ce0243d098a667d77f08490  irb-1.6.4-2.AS21.0.i386.rpm
ec1d1fe2f3f0ebae66342127c5a48e19  ruby-1.6.4-2.AS21.0.i386.rpm
b318516e9af9320a3638d496754c3f3e  ruby-devel-1.6.4-2.AS21.0.i386.rpm
95c13aa43397b4d1f8f625d5db8cf0e6  ruby-docs-1.6.4-2.AS21.0.i386.rpm
dd229e6ba40dee0ddd9f7072bd24780b  ruby-libs-1.6.4-2.AS21.0.i386.rpm
b7b059fa23ba437057ad66125201407e  ruby-tcltk-1.6.4-2.AS21.0.i386.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS: 

eb97376e716aa09d718d5afc0f4a0020  ruby-1.6.4-2.AS21.0.src.rpm

i386:
8570dca43ce0243d098a667d77f08490  irb-1.6.4-2.AS21.0.i386.rpm
ec1d1fe2f3f0ebae66342127c5a48e19  ruby-1.6.4-2.AS21.0.i386.rpm
b318516e9af9320a3638d496754c3f3e  ruby-devel-1.6.4-2.AS21.0.i386.rpm
95c13aa43397b4d1f8f625d5db8cf0e6  ruby-docs-1.6.4-2.AS21.0.i386.rpm
dd229e6ba40dee0ddd9f7072bd24780b  ruby-libs-1.6.4-2.AS21.0.i386.rpm
b7b059fa23ba437057ad66125201407e  ruby-tcltk-1.6.4-2.AS21.0.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS: 

eb97376e716aa09d718d5afc0f4a0020  ruby-1.6.4-2.AS21.0.src.rpm

i386:
8570dca43ce0243d098a667d77f08490  irb-1.6.4-2.AS21.0.i386.rpm
ec1d1fe2f3f0ebae66342127c5a48e19  ruby-1.6.4-2.AS21.0.i386.rpm
b318516e9af9320a3638d496754c3f3e  ruby-devel-1.6.4-2.AS21.0.i386.rpm
95c13aa43397b4d1f8f625d5db8cf0e6  ruby-docs-1.6.4-2.AS21.0.i386.rpm
dd229e6ba40dee0ddd9f7072bd24780b  ruby-libs-1.6.4-2.AS21.0.i386.rpm
b7b059fa23ba437057ad66125201407e  ruby-tcltk-1.6.4-2.AS21.0.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS: 

4a005a302e389f88e0059a04ffe1c301  ruby-1.6.8-9.EL3.2.src.rpm

i386:
b806ed75a84c93559323ad7a31775ce3  ruby-1.6.8-9.EL3.2.i386.rpm
945e6b9345cc4f23667ac60909b0ef5d  ruby-devel-1.6.8-9.EL3.2.i386.rpm
056d3fc25714ecf458837e2350f1403e  ruby-libs-1.6.8-9.EL3.2.i386.rpm
e3c51a8f573f313113ab0de0811c3993  ruby-mode-1.6.8-9.EL3.2.i386.rpm

ia64:
54124222ea6990ebae5aba4355d9ac70  ruby-1.6.8-9.EL3.2.ia64.rpm
3118ec318e2ff6065e4e598ee07374e3  ruby-devel-1.6.8-9.EL3.2.ia64.rpm
bc523ead60e9bd104cf55373a9ad3b8c  ruby-libs-1.6.8-9.EL3.2.ia64.rpm
f5c7ade5502b67d1a35c76223de7663c  ruby-mode-1.6.8-9.EL3.2.ia64.rpm

ppc:
e111badd02691f2d3af1228cfd1305ad  ruby-1.6.8-9.EL3.2.ppc.rpm
71f4002652015dc1394d1a0707dac921  ruby-devel-1.6.8-9.EL3.2.ppc.rpm
2834716a178d5c22b2a0bdc3c18e4569  ruby-libs-1.6.8-9.EL3.2.ppc.rpm
c722c0ce315e1e5a4229e94b1518ba30  ruby-mode-1.6.8-9.EL3.2.ppc.rpm

s390:
ba3145afb52bc659a5efcc0452a55ff3  ruby-1.6.8-9.EL3.2.s390.rpm
e52eb4855a8501f0c2fccf2b1e3524aa  ruby-devel-1.6.8-9.EL3.2.s390.rpm
6b18d38bd6d62c84d757f229845b6079  ruby-libs-1.6.8-9.EL3.2.s390.rpm
0cf38f2a6c42ceb80a674bcc9ffa557d  ruby-mode-1.6.8-9.EL3.2.s390.rpm

s390x:
7292fe703498f5ee33a20d69f7ad6cd1  ruby-1.6.8-9.EL3.2.s390x.rpm
e1ff142228b28536b4a3977db8d430a7  ruby-devel-1.6.8-9.EL3.2.s390x.rpm
c1849a6c9570941144914d7d518d71e8  ruby-libs-1.6.8-9.EL3.2.s390x.rpm
fd9f25954b2d1b87d521848a6bf2501b  ruby-mode-1.6.8-9.EL3.2.s390x.rpm

x86_64:
3048997bfb6fc66ca6ec6813d2f0aff6  ruby-1.6.8-9.EL3.2.x86_64.rpm
b8135ec687a30ca432a67cb383a1e62a  ruby-devel-1.6.8-9.EL3.2.x86_64.rpm
160b4e7a46029a3ccb2ba98fd1a4dd7d  ruby-libs-1.6.8-9.EL3.2.x86_64.rpm
8456efd1389a4d322fca5fce518e44a1  ruby-mode-1.6.8-9.EL3.2.x86_64.rpm

Red Hat Desktop version 3:

SRPMS: 

4a005a302e389f88e0059a04ffe1c301  ruby-1.6.8-9.EL3.2.src.rpm

i386:
b806ed75a84c93559323ad7a31775ce3  ruby-1.6.8-9.EL3.2.i386.rpm
945e6b9345cc4f23667ac60909b0ef5d  ruby-devel-1.6.8-9.EL3.2.i386.rpm
056d3fc25714ecf458837e2350f1403e  ruby-libs-1.6.8-9.EL3.2.i386.rpm
e3c51a8f573f313113ab0de0811c3993  ruby-mode-1.6.8-9.EL3.2.i386.rpm

x86_64:
3048997bfb6fc66ca6ec6813d2f0aff6  ruby-1.6.8-9.EL3.2.x86_64.rpm
b8135ec687a30ca432a67cb383a1e62a  ruby-devel-1.6.8-9.EL3.2.x86_64.rpm
160b4e7a46029a3ccb2ba98fd1a4dd7d  ruby-libs-1.6.8-9.EL3.2.x86_64.rpm
8456efd1389a4d322fca5fce518e44a1  ruby-mode-1.6.8-9.EL3.2.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS: 

4a005a302e389f88e0059a04ffe1c301  ruby-1.6.8-9.EL3.2.src.rpm

i386:
b806ed75a84c93559323ad7a31775ce3  ruby-1.6.8-9.EL3.2.i386.rpm
945e6b9345cc4f23667ac60909b0ef5d  ruby-devel-1.6.8-9.EL3.2.i386.rpm
056d3fc25714ecf458837e2350f1403e  ruby-libs-1.6.8-9.EL3.2.i386.rpm
e3c51a8f573f313113ab0de0811c3993  ruby-mode-1.6.8-9.EL3.2.i386.rpm

ia64:
54124222ea6990ebae5aba4355d9ac70  ruby-1.6.8-9.EL3.2.ia64.rpm
3118ec318e2ff6065e4e598ee07374e3  ruby-devel-1.6.8-9.EL3.2.ia64.rpm
bc523ead60e9bd104cf55373a9ad3b8c  ruby-libs-1.6.8-9.EL3.2.ia64.rpm
f5c7ade5502b67d1a35c76223de7663c  ruby-mode-1.6.8-9.EL3.2.ia64.rpm

x86_64:
3048997bfb6fc66ca6ec6813d2f0aff6  ruby-1.6.8-9.EL3.2.x86_64.rpm
b8135ec687a30ca432a67cb383a1e62a  ruby-devel-1.6.8-9.EL3.2.x86_64.rpm
160b4e7a46029a3ccb2ba98fd1a4dd7d  ruby-libs-1.6.8-9.EL3.2.x86_64.rpm
8456efd1389a4d322fca5fce518e44a1  ruby-mode-1.6.8-9.EL3.2.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS: 

4a005a302e389f88e0059a04ffe1c301  ruby-1.6.8-9.EL3.2.src.rpm

i386:
b806ed75a84c93559323ad7a31775ce3  ruby-1.6.8-9.EL3.2.i386.rpm
945e6b9345cc4f23667ac60909b0ef5d  ruby-devel-1.6.8-9.EL3.2.i386.rpm
056d3fc25714ecf458837e2350f1403e  ruby-libs-1.6.8-9.EL3.2.i386.rpm
e3c51a8f573f313113ab0de0811c3993  ruby-mode-1.6.8-9.EL3.2.i386.rpm

ia64:
54124222ea6990ebae5aba4355d9ac70  ruby-1.6.8-9.EL3.2.ia64.rpm
3118ec318e2ff6065e4e598ee07374e3  ruby-devel-1.6.8-9.EL3.2.ia64.rpm
bc523ead60e9bd104cf55373a9ad3b8c  ruby-libs-1.6.8-9.EL3.2.ia64.rpm
f5c7ade5502b67d1a35c76223de7663c  ruby-mode-1.6.8-9.EL3.2.ia64.rpm

x86_64:
3048997bfb6fc66ca6ec6813d2f0aff6  ruby-1.6.8-9.EL3.2.x86_64.rpm
b8135ec687a30ca432a67cb383a1e62a  ruby-devel-1.6.8-9.EL3.2.x86_64.rpm
160b4e7a46029a3ccb2ba98fd1a4dd7d  ruby-libs-1.6.8-9.EL3.2.x86_64.rpm
8456efd1389a4d322fca5fce518e44a1  ruby-mode-1.6.8-9.EL3.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
 

7. References:
 
CVE -CVE-2004-0755

8. Contact:

The Red Hat security contact is <This email address is being protected from spambots. You need JavaScript enabled to view it.>.  More contact
details at  

Copyright 2004 Red Hat, Inc.

Red Hat RHSA-2004:441-01 Critical: Ruby CGI File Permissions Flaw

red hat
Calendar Grey September 30, 2004
Dist Redhat Esm H88
The announcement from Red Hat highlights an upgraded python package that mitigates a severe vulnerability concerning insecure handling of session cookies in web applications.
An updated ruby package that fixes insecure file permissions for CGI session files is now available.

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

130065 - CAN-2004-0755 ruby insecure file permissions

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:

eb97376e716aa09d718d5afc0f4a0020 ruby-1.6.4-2.AS21.0.src.rpm

i386: 8570dca43ce0243d098a667d77f08490 irb-1.6.4-2.AS21.0.i386.rpm ec1d1fe2f3f0ebae66342127c5a48e19 ruby-1.6.4-2.AS21.0.i386.rpm b318516e9af9320a3638d496754c3f3e ruby-devel-1.6.4-2.AS21.0.i386.rpm 95c13aa43397b4d1f8f625d5db8cf0e6 ruby-docs-1.6.4-2.AS21.0.i386.rpm dd229e6ba40dee0ddd9f7072bd24780b ruby-libs-1.6.4-2.AS21.0.i386.rpm b7b059fa23ba437057ad66125201407e ruby-tcltk-1.6.4-2.AS21.0.i386.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:

eb97376e716aa09d718d5afc0f4a0020 ruby-1.6.4-2.AS21.0.src.rpm

i386: 8570dca43ce0243d098a667d77f08490 irb-1.6.4-2.AS21.0.i386.rpm ec1d1fe2f3f0ebae66342127c5a48e19 ruby-1.6.4-2.AS21.0.i386.rpm b318516e9af9320a3638d496754c3f3e ruby-devel-1.6.4-2.AS21.0.i386.rpm 95c13aa43397b4d1f8f625d5db8cf0e6 ruby-docs-1.6.4-2.AS21.0.i386.rpm dd229e6ba40dee0ddd9f7072bd24780b ruby-libs-1.6.4-2.AS21.0.i386.rpm b7b059fa23ba437057ad66125201407e ruby-tcltk-1.6.4-2.AS21.0.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:

eb97376e716aa09d718d5afc0f4a0020 ruby-1.6.4-2.AS21.0.src.rpm

i386: 8570dca43ce0243d098a667d77f08490 irb-1.6.4-2.AS21.0.i386.rpm ec1d1fe2f3f0ebae66342127c5a48e19 ruby-1.6.4-2.AS21.0.i386.rpm b318516e9af9320a3638d496754c3f3e ruby-devel-1.6.4-2.AS21.0.i386.rpm 95c13aa43397b4d1f8f625d5db8cf0e6 ruby-docs-1.6.4-2.AS21.0.i386.rpm dd229e6ba40dee0ddd9f7072bd24780b ruby-libs-1.6.4-2.AS21.0.i386.rpm b7b059fa23ba437057ad66125201407e ruby-tcltk-1.6.4-2.AS21.0.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:

4a005a302e389f88e0059a04ffe1c301 ruby-1.6.8-9.EL3.2.src.rpm

i386: b806ed75a84c93559323ad7a31775ce3 ruby-1.6.8-9.EL3.2.i386.rpm 945e6b9345cc4f23667ac60909b0ef5d ruby-devel-1.6.8-9.EL3.2.i386.rpm 056d3fc25714ecf458837e2350f1403e ruby-libs-1.6.8-9.EL3.2.i386.rpm e3c51a8f573f313113ab0de0811c3993 ruby-mode-1.6.8-9.EL3.2.i386.rpm

ia64: 54124222ea6990ebae5aba4355d9ac70 ruby-1.6.8-9.EL3.2.ia64.rpm 3118ec318e2ff6065e4e598ee07374e3 ruby-devel-1.6.8-9.EL3.2.ia64.rpm bc523ead60e9bd104cf55373a9ad3b8c ruby-libs-1.6.8-9.EL3.2.ia64.rpm f5c7ade5502b67d1a35c76223de7663c ruby-mode-1.6.8-9.EL3.2.ia64.rpm

ppc: e111badd02691f2d3af1228cfd1305ad ruby-1.6.8-9.EL3.2.ppc.rpm 71f4002652015dc1394d1a0707dac921 ruby-devel-1.6.8-9.EL3.2.ppc.rpm 2834716a178d5c22b2a0bdc3c18e4569 ruby-libs-1.6.8-9.EL3.2.ppc.rpm c722c0ce315e1e5a4229e94b1518ba30 ruby-mode-1.6.8-9.EL3.2.ppc.rpm

s390: ba3145afb52bc659a5efcc0452a55ff3 ruby-1.6.8-9.EL3.2.s390.rpm e52eb4855a8501f0c2fccf2b1e3524aa ruby-devel-1.6.8-9.EL3.2.s390.rpm 6b18d38bd6d62c84d757f229845b6079 ruby-libs-1.6.8-9.EL3.2.s390.rpm 0cf38f2a6c42ceb80a674bcc9ffa557d ruby-mode-1.6.8-9.EL3.2.s390.rpm

s390x: 7292fe703498f5ee33a20d69f7ad6cd1 ruby-1.6.8-9.EL3.2.s390x.rpm e1ff142228b28536b4a3977db8d430a7 ruby-devel-1.6.8-9.EL3.2.s390x.rpm c1849a6c9570941144914d7d518d71e8 ruby-libs-1.6.8-9.EL3.2.s390x.rpm fd9f25954b2d1b87d521848a6bf2501b ruby-mode-1.6.8-9.EL3.2.s390x.rpm

x86_64: 3048997bfb6fc66ca6ec6813d2f0aff6 ruby-1.6.8-9.EL3.2.x86_64.rpm b8135ec687a30ca432a67cb383a1e62a ruby-devel-1.6.8-9.EL3.2.x86_64.rpm 160b4e7a46029a3ccb2ba98fd1a4dd7d ruby-libs-1.6.8-9.EL3.2.x86_64.rpm 8456efd1389a4d322fca5fce518e44a1 ruby-mode-1.6.8-9.EL3.2.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:

4a005a302e389f88e0059a04ffe1c301 ruby-1.6.8-9.EL3.2.src.rpm

i386: b806ed75a84c93559323ad7a31775ce3 ruby-1.6.8-9.EL3.2.i386.rpm 945e6b9345cc4f23667ac60909b0ef5d ruby-devel-1.6.8-9.EL3.2.i386.rpm 056d3fc25714ecf458837e2350f1403e ruby-libs-1.6.8-9.EL3.2.i386.rpm e3c51a8f573f313113ab0de0811c3993 ruby-mode-1.6.8-9.EL3.2.i386.rpm

x86_64: 3048997bfb6fc66ca6ec6813d2f0aff6 ruby-1.6.8-9.EL3.2.x86_64.rpm b8135ec687a30ca432a67cb383a1e62a ruby-devel-1.6.8-9.EL3.2.x86_64.rpm 160b4e7a46029a3ccb2ba98fd1a4dd7d ruby-libs-1.6.8-9.EL3.2.x86_64.rpm 8456efd1389a4d322fca5fce518e44a1 ruby-mode-1.6.8-9.EL3.2.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:

4a005a302e389f88e0059a04ffe1c301 ruby-1.6.8-9.EL3.2.src.rpm

i386: b806ed75a84c93559323ad7a31775ce3 ruby-1.6.8-9.EL3.2.i386.rpm 945e6b9345cc4f23667ac60909b0ef5d ruby-devel-1.6.8-9.EL3.2.i386.rpm 056d3fc25714ecf458837e2350f1403e ruby-libs-1.6.8-9.EL3.2.i386.rpm e3c51a8f573f313113ab0de0811c3993 ruby-mode-1.6.8-9.EL3.2.i386.rpm

ia64: 54124222ea6990ebae5aba4355d9ac70 ruby-1.6.8-9.EL3.2.ia64.rpm 3118ec318e2ff6065e4e598ee07374e3 ruby-devel-1.6.8-9.EL3.2.ia64.rpm bc523ead60e9bd104cf55373a9ad3b8c ruby-libs-1.6.8-9.EL3.2.ia64.rpm f5c7ade5502b67d1a35c76223de7663c ruby-mode-1.6.8-9.EL3.2.ia64.rpm

x86_64: 3048997bfb6fc66ca6ec6813d2f0aff6 ruby-1.6.8-9.EL3.2.x86_64.rpm b8135ec687a30ca432a67cb383a1e62a ruby-devel-1.6.8-9.EL3.2.x86_64.rpm 160b4e7a46029a3ccb2ba98fd1a4dd7d ruby-libs-1.6.8-9.EL3.2.x86_64.rpm 8456efd1389a4d322fca5fce518e44a1 ruby-mode-1.6.8-9.EL3.2.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:

4a005a302e389f88e0059a04ffe1c301 ruby-1.6.8-9.EL3.2.src.rpm

i386: b806ed75a84c93559323ad7a31775ce3 ruby-1.6.8-9.EL3.2.i386.rpm 945e6b9345cc4f23667ac60909b0ef5d ruby-devel-1.6.8-9.EL3.2.i386.rpm 056d3fc25714ecf458837e2350f1403e ruby-libs-1.6.8-9.EL3.2.i386.rpm e3c51a8f573f313113ab0de0811c3993 ruby-mode-1.6.8-9.EL3.2.i386.rpm

ia64: 54124222ea6990ebae5aba4355d9ac70 ruby-1.6.8-9.EL3.2.ia64.rpm 3118ec318e2ff6065e4e598ee07374e3 ruby-devel-1.6.8-9.EL3.2.ia64.rpm bc523ead60e9bd104cf55373a9ad3b8c ruby-libs-1.6.8-9.EL3.2.ia64.rpm f5c7ade5502b67d1a35c76223de7663c ruby-mode-1.6.8-9.EL3.2.ia64.rpm

x86_64: 3048997bfb6fc66ca6ec6813d2f0aff6 ruby-1.6.8-9.EL3.2.x86_64.rpm b8135ec687a30ca432a67cb383a1e62a ruby-devel-1.6.8-9.EL3.2.x86_64.rpm 160b4e7a46029a3ccb2ba98fd1a4dd7d ruby-libs-1.6.8-9.EL3.2.x86_64.rpm 8456efd1389a4d322fca5fce518e44a1 ruby-mode-1.6.8-9.EL3.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from


Summary

Topics%20covered

Topics Covered

security advisory security issue Red Hat critical file permission CGI ruby package

References

CVE -CVE-2004-0755

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2004:441-01
Issue date: 2004-09-30
Updated on: 2004-09-30
Product: Red Hat Enterprise Linux
Keywords: file permission

Topic

An updated ruby package that fixes insecure file permissions for CGI sessionfiles is now available.

Topics%20covered

Topics Covered

security advisory security issue Red Hat critical file permission CGI ruby package

Relevant Releases Architectures

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386

Red Hat Enterprise Linux ES version 2.1 - i386

Red Hat Enterprise Linux WS version 2.1 - i386

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Desktop version 3 - i386, x86_64

Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here