Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

SUSE: 2017:0914-1 Important: Ruby19 Heap Overflow Detection

suse
Calendar Grey April 3, 2017
Scroller Suse
The revision tackles a significant python37 concern: essential security patches and update notes provided
An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is ...

Summary

This update for ruby19 fixes the following issues: Security issue fixed: - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new"initialize" (bsc#1018808) Bugfixes: - fix small mistake in the backport for (bsc#986630) - HTTP Header injection in 'net/http' (bsc#986630) - make the testsuite work with our new openssl requirements Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite Runner 1.3: zypper in -t patch slestso13-ruby19-13046=1 - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-ruby19-13046=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite Runner 1.3 (s390x): ruby19-1.9.3.p392-0.26.1 - SUSE Studio Onsite 1.3 (x86_64):

References

#1018808 #986630

Cross- CVE-2016-2339

Affected Products:

SUSE Studio Onsite Runner 1.3

SUSE Studio Onsite 1.3

https://www.suse.com/security/cve/CVE-2016-2339.html

https://bugzilla.suse.com/1018808

https://bugzilla.suse.com/986630

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:0914-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.