ELSA-2008-0897 - ruby security update

Type: SECURITY
Severity: MODERATE
Release Date: 2008-10-21

Description



[1.8.5-5.el5_2.5]
- Build with -fno-strict-aliasing.

[1.8.5-5.el5_2.4]
- security fixes. (#461590)
- CVE-2008-3655: multiple insufficient safe mode restrictions.
- CVE-2008-3656: WEBrick DoS vulnerability (CPU consumption).
- CVE-2008-3657: missing taintness checks in dl module.
- CVE-2008-3905: use of predictable source port and transaction id in DNS
requests done by resolv.rb module.
- CVE-2008-3443: Memory allocation failure in Ruby regex engine
(remotely exploitable DoS).
- CVE-2008-3790: DoS vulnerability in the REXML module.


Related CVEs


CVE-2008-1145
CVE-2008-3443
CVE-2008-3655
CVE-2008-3656
CVE-2008-3657
CVE-2008-3790
CVE-2008-3905

Updated Packages


Release/Architecture
    Filename  MD5sum  Superseded By Advisory

Oracle Linux 4 (i386)
    ruby-1.8.1-7.0.1.el4_7.1.src.rpm  8e5a08470e0b675f27acca0a2a7c3c5e  ELSA-2012-0070
    irb-1.8.1-7.0.1.el4_7.1.i386.rpm  752cee420ce2787d0cdabdd4bc605d1c  ELSA-2012-0070
    ruby-1.8.1-7.0.1.el4_7.1.i386.rpm  812097092ef34eccf236ab4de687d687  ELSA-2012-0070
    ruby-devel-1.8.1-7.0.1.el4_7.1.i386.rpm  f822970d3b096760585f86b736168a8d  ELSA-2012-0070
    ruby-docs-1.8.1-7.0.1.el4_7.1.i386.rpm  b533de494add517cb735ed6dd4ae9ac6  ELSA-2012-0070
    ruby-libs-1.8.1-7.0.1.el4_7.1.i386.rpm  8db7b30442ae2f754657f7b3fa79e671  ELSA-2012-0070
    ruby-mode-1.8.1-7.0.1.el4_7.1.i386.rpm  755c3bbe5676e267458910c64f5fcc30  ELSA-2012-0070
    ruby-tcltk-1.8.1-7.0.1.el4_7.1.i386.rpm  2da30a5ae1d529d7abf63de149adfa6f  ELSA-2012-0070

Oracle Linux 4 (ia64)
    ruby-1.8.1-7.0.1.el4_7.1.src.rpm  8e5a08470e0b675f27acca0a2a7c3c5e  ELSA-2012-0070
    irb-1.8.1-7.0.1.el4_7.1.ia64.rpm  6fe8594b6d8012fa7586f37c03bbfd95  ELSA-2012-0070
    ruby-1.8.1-7.0.1.el4_7.1.ia64.rpm  44b350ac698d0e80c1dcc7744ebe4a88  ELSA-2012-0070
    ruby-devel-1.8.1-7.0.1.el4_7.1.ia64.rpm  38d463a84bbaf59aca250cfab818abb4  ELSA-2012-0070
    ruby-docs-1.8.1-7.0.1.el4_7.1.ia64.rpm  a1e7b20b679071a0c590f106cdd5d529  ELSA-2012-0070
    ruby-libs-1.8.1-7.0.1.el4_7.1.i386.rpm  8db7b30442ae2f754657f7b3fa79e671  ELSA-2012-0070
    ruby-libs-1.8.1-7.0.1.el4_7.1.ia64.rpm  444ef7f61afb60d3a632abb96aee2294  ELSA-2012-0070
    ruby-mode-1.8.1-7.0.1.el4_7.1.ia64.rpm  793ba620437f5a19c22807a6749541ac  ELSA-2012-0070
    ruby-tcltk-1.8.1-7.0.1.el4_7.1.ia64.rpm  6d8206915d0525016c92765479b5ce16  ELSA-2012-0070

Oracle Linux 4 (x86_64)
    ruby-1.8.1-7.0.1.el4_7.1.src.rpm  8e5a08470e0b675f27acca0a2a7c3c5e  ELSA-2012-0070
    irb-1.8.1-7.0.1.el4_7.1.x86_64.rpm  4c35575e66c35bed82d549e1c4ad1a8b  ELSA-2012-0070
    ruby-1.8.1-7.0.1.el4_7.1.x86_64.rpm  acb2325caedcfcf81cb7d975cfa7e593  ELSA-2012-0070
    ruby-devel-1.8.1-7.0.1.el4_7.1.x86_64.rpm  f233e31e7d500fb7fcf15455e45a9cbd  ELSA-2012-0070
    ruby-docs-1.8.1-7.0.1.el4_7.1.x86_64.rpm  01051d2ffd13fc5286526f280af579b3  ELSA-2012-0070
    ruby-libs-1.8.1-7.0.1.el4_7.1.i386.rpm  8db7b30442ae2f754657f7b3fa79e671  ELSA-2012-0070
    ruby-libs-1.8.1-7.0.1.el4_7.1.x86_64.rpm  729762d23062fc2d4c66233c56c767d7  ELSA-2012-0070
    ruby-mode-1.8.1-7.0.1.el4_7.1.x86_64.rpm  8e4a20b6962e8250dc090c83e4320460  ELSA-2012-0070
    ruby-tcltk-1.8.1-7.0.1.el4_7.1.x86_64.rpm  591a28a78a6fa690221bae9d428f0dd9  ELSA-2012-0070

Oracle Linux 5 (i386)
    ruby-1.8.5-5.el5_2.5.src.rpm  336a9833f7fbb9bc891281941b73e706  ELSA-2013-1090
    ruby-1.8.5-5.el5_2.5.i386.rpm  cb1de00a94133d6bace51382280c39b0  ELSA-2013-1090
    ruby-devel-1.8.5-5.el5_2.5.i386.rpm  ed0a1c48635d0a5b59170291c3f405be  ELSA-2013-1090
    ruby-docs-1.8.5-5.el5_2.5.i386.rpm  6bc41be24af997dca450de34a0179f61  ELSA-2013-1090
    ruby-irb-1.8.5-5.el5_2.5.i386.rpm  50ef893f3be9ddfc7d1e25d7facb247e  ELSA-2013-1090
    ruby-libs-1.8.5-5.el5_2.5.i386.rpm  8809adefab11d2998f7b2bc43a592023  ELSA-2013-1090
    ruby-mode-1.8.5-5.el5_2.5.i386.rpm  fcb9c2f8b93ed6386c51e7c18c37c604  ELSA-2013-1090
    ruby-rdoc-1.8.5-5.el5_2.5.i386.rpm  2ff461d35c711cb2e52b469901226000  ELSA-2013-1090
    ruby-ri-1.8.5-5.el5_2.5.i386.rpm  9485a88c18844780eb5d51215ee51576  ELSA-2013-1090
    ruby-tcltk-1.8.5-5.el5_2.5.i386.rpm  7577fce60959981faa4bcb390d2d1993  ELSA-2013-1090

Oracle Linux 5 (x86_64)
    ruby-1.8.5-5.el5_2.5.src.rpm  336a9833f7fbb9bc891281941b73e706  ELSA-2013-1090
    ruby-1.8.5-5.el5_2.5.x86_64.rpm  94d313cadc5ff62c3c273647b3b3f2da  ELSA-2013-1090
    ruby-devel-1.8.5-5.el5_2.5.i386.rpm  ed0a1c48635d0a5b59170291c3f405be  ELSA-2013-1090
    ruby-devel-1.8.5-5.el5_2.5.x86_64.rpm  c13d9f0ef2fd59769b03d819c9d15b5f  ELSA-2013-1090
    ruby-docs-1.8.5-5.el5_2.5.x86_64.rpm  779eb053c46ce3e06c9dd3abd5d0fa0a  ELSA-2013-1090
    ruby-irb-1.8.5-5.el5_2.5.x86_64.rpm  4f8112e2e421559a8985be9fcc75f6e6  ELSA-2013-1090
    ruby-libs-1.8.5-5.el5_2.5.i386.rpm  8809adefab11d2998f7b2bc43a592023  ELSA-2013-1090
    ruby-libs-1.8.5-5.el5_2.5.x86_64.rpm  475b15c2f1d1928cf0e704aa7d97272b  ELSA-2013-1090
    ruby-mode-1.8.5-5.el5_2.5.x86_64.rpm  13ccce813a1d64fa45fa1abe8b9bed20  ELSA-2013-1090
    ruby-rdoc-1.8.5-5.el5_2.5.x86_64.rpm  f9bcb91dc65f9f695bca575cd79801fd  ELSA-2013-1090
    ruby-ri-1.8.5-5.el5_2.5.x86_64.rpm  160ab40c9c4c175c7836728773db55aa  ELSA-2013-1090
    ruby-tcltk-1.8.5-5.el5_2.5.x86_64.rpm  e232587db81b11cd7da71e0d241b27c8  ELSA-2013-1090



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team