Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Pat Riehecky <riehecky-13hema8v3vg <at> public.gmane.org>
Subject: Security ERRATA Critical: ruby on SL6.x i386/x86_64
Newsgroups: gmane.linux.scientific.errata
Date: Tuesday 3rd December 2013 20:07:15 UTC (over 2 years ago)
Synopsis:          Critical: ruby security update
Advisory ID:       SLSA-2013:1764-1
Issue Date:        2013-11-25
CVE Numbers:       CVE-2013-4164
--

A buffer overflow flaw was found in the way Ruby parsed floating point
numbers from their text representation. If an application using Ruby
accepted untrusted input strings and converted them to floating point
numbers, an attacker able to provide such input could cause the
application to crash or, possibly, execute arbitrary code with the
privileges of the application. (CVE-2013-4164)
--

SL6
  x86_64
    ruby-1.8.7.352-13.el6.x86_64.rpm
    ruby-debuginfo-1.8.7.352-13.el6.i686.rpm
    ruby-debuginfo-1.8.7.352-13.el6.x86_64.rpm
    ruby-devel-1.8.7.352-13.el6.i686.rpm
    ruby-devel-1.8.7.352-13.el6.x86_64.rpm
    ruby-irb-1.8.7.352-13.el6.x86_64.rpm
    ruby-libs-1.8.7.352-13.el6.i686.rpm
    ruby-libs-1.8.7.352-13.el6.x86_64.rpm
    ruby-rdoc-1.8.7.352-13.el6.x86_64.rpm
    ruby-docs-1.8.7.352-13.el6.x86_64.rpm
    ruby-ri-1.8.7.352-13.el6.x86_64.rpm
    ruby-static-1.8.7.352-13.el6.x86_64.rpm
    ruby-tcltk-1.8.7.352-13.el6.x86_64.rpm
  i386
    ruby-1.8.7.352-13.el6.i686.rpm
    ruby-debuginfo-1.8.7.352-13.el6.i686.rpm
    ruby-devel-1.8.7.352-13.el6.i686.rpm
    ruby-irb-1.8.7.352-13.el6.i686.rpm
    ruby-libs-1.8.7.352-13.el6.i686.rpm
    ruby-rdoc-1.8.7.352-13.el6.i686.rpm
    ruby-docs-1.8.7.352-13.el6.i686.rpm
    ruby-ri-1.8.7.352-13.el6.i686.rpm
    ruby-static-1.8.7.352-13.el6.i686.rpm
    ruby-tcltk-1.8.7.352-13.el6.i686.rpm

- Scientific Linux Development Team
 
CD: 3ms