lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <E1DsV0M-000863-76@mercury.mandriva.com> Date: Wed Jul 13 01:21:44 2005 From: security at mandriva.com (Mandriva Security Team) Subject: MDKSA-2005:118 - Updated ruby packages fix vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Update Advisory _______________________________________________________________________ Package name: ruby Advisory ID: MDKSA-2005:118 Date: July 12th, 2005 Affected versions: 10.1, 10.2, Corporate 3.0 ______________________________________________________________________ Problem Description: A vulnerability was discovered in ruby version 1.8 that could allow for the execution of arbitrary commands on a server running the ruby xmlrpc server. The updated packages have been patched to address this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1992 ______________________________________________________________________ Updated Packages: Mandrakelinux 10.1: 043863c657386a3854a0360efe400485 10.1/RPMS/ruby-1.8.1-4.3.101mdk.i586.rpm 2a8de5aaf553cae5ba5fc4ce64989c2a 10.1/RPMS/ruby-devel-1.8.1-4.3.101mdk.i586.rpm b05c05c460299fb987781b1a7bcb76a3 10.1/RPMS/ruby-doc-1.8.1-4.3.101mdk.i586.rpm a639754ad5ddec161d3e6310d2c8f597 10.1/RPMS/ruby-tk-1.8.1-4.3.101mdk.i586.rpm 6b8c255d78584b374868f68c0fba1f9a 10.1/SRPMS/ruby-1.8.1-4.3.101mdk.src.rpm Mandrakelinux 10.1/X86_64: 422ce1ef49205b71ec46cba5b324596e x86_64/10.1/RPMS/ruby-1.8.1-4.3.101mdk.x86_64.rpm 9cd8d758760b3a6f8e2d294b49974795 x86_64/10.1/RPMS/ruby-devel-1.8.1-4.3.101mdk.x86_64.rpm d1f77bd35fec7be67c174d421004cc99 x86_64/10.1/RPMS/ruby-doc-1.8.1-4.3.101mdk.x86_64.rpm ff201be467588f67119dac4c77d2451d x86_64/10.1/RPMS/ruby-tk-1.8.1-4.3.101mdk.x86_64.rpm 6b8c255d78584b374868f68c0fba1f9a x86_64/10.1/SRPMS/ruby-1.8.1-4.3.101mdk.src.rpm Mandrakelinux 10.2: 1abe15ec37c10254da6f869a91f462d6 10.2/RPMS/ruby-1.8.2-6.1.102mdk.i586.rpm 69902e1e9f69fa0417de527b86b08129 10.2/RPMS/ruby-devel-1.8.2-6.1.102mdk.i586.rpm 79d13e6dc12446bf0d4ceba8f3891746 10.2/RPMS/ruby-doc-1.8.2-6.1.102mdk.i586.rpm 4d1bae45003f12c8f640354654d08c66 10.2/RPMS/ruby-tk-1.8.2-6.1.102mdk.i586.rpm 72470b9bdecc8085247dd3ea9bfd026e 10.2/SRPMS/ruby-1.8.2-6.1.102mdk.src.rpm Mandrakelinux 10.2/X86_64: 6defbc537392fd90ca86512ec16f84ba x86_64/10.2/RPMS/ruby-1.8.2-6.1.102mdk.x86_64.rpm 42f826518c7e2d7184409006156e85a1 x86_64/10.2/RPMS/ruby-devel-1.8.2-6.1.102mdk.x86_64.rpm be826ba64425c2b6257ae2106311c4ba x86_64/10.2/RPMS/ruby-doc-1.8.2-6.1.102mdk.x86_64.rpm a229474a25b363f856dc73999e620409 x86_64/10.2/RPMS/ruby-tk-1.8.2-6.1.102mdk.x86_64.rpm 72470b9bdecc8085247dd3ea9bfd026e x86_64/10.2/SRPMS/ruby-1.8.2-6.1.102mdk.src.rpm Corporate 3.0: ee7b55f434cddfabbb51ff7de4b4300a corporate/3.0/RPMS/ruby-1.8.1-1.3.C30mdk.i586.rpm 8f30c891611ec8a94f2547ea9d6fc4f5 corporate/3.0/RPMS/ruby-devel-1.8.1-1.3.C30mdk.i586.rpm 82012434d3fe44cfd6d3f22643382134 corporate/3.0/RPMS/ruby-doc-1.8.1-1.3.C30mdk.i586.rpm fac1f5244b97d58523ddf13afa550889 corporate/3.0/RPMS/ruby-tk-1.8.1-1.3.C30mdk.i586.rpm 7781778b81a36b85cfb60424337ab463 corporate/3.0/SRPMS/ruby-1.8.1-1.3.C30mdk.src.rpm Corporate 3.0/X86_64: 8dccd5b797263c2784a6159bdf1b4614 x86_64/corporate/3.0/RPMS/ruby-1.8.1-1.3.C30mdk.x86_64.rpm 89b25dcefd9e99b9b67255f1ed862946 x86_64/corporate/3.0/RPMS/ruby-devel-1.8.1-1.3.C30mdk.x86_64.rpm 24559489e7e1aebe6f7f788caa31d0c3 x86_64/corporate/3.0/RPMS/ruby-doc-1.8.1-1.3.C30mdk.x86_64.rpm 2737e9bdaafe436bcec1a367d4c80c82 x86_64/corporate/3.0/RPMS/ruby-tk-1.8.1-1.3.C30mdk.x86_64.rpm 7781778b81a36b85cfb60424337ab463 x86_64/corporate/3.0/SRPMS/ruby-1.8.1-1.3.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFC1F6SmqjQ0CJFipgRApk6AKDYfxK9rSRXzCjoUrweytJnimPijQCeJa46 /RtageXCJm+dnkONlvjpd2Q= =X4d+ -----END PGP SIGNATURE-----
Powered by blists - more mailing lists