[El-errata] ELSA-2006:0604, ELSA-2006:0729 Moderate ruby security update

el-errata at oss.oracle.com
Thu Nov 30 19:20:16 PST 2006


Enterprise Linux Security Advisory 2006:0729, 2006:0604

https://rhn.redhat.com/errata/RHSA-2006-0729.html
https://rhn.redhat.com/errata/RHSA-2006-0604.html

The following updated rpms for Enterprise Linux 4 have been uploaded to
the Unbreakable Linux Network:

i386:
irb-1.8.1-7.EL4.8.i386.rpm
ruby-1.8.1-7.EL4.8.i386.rpm
ruby-devel-1.8.1-7.EL4.8.i386.rpm
ruby-docs-1.8.1-7.EL4.8.i386.rpm
ruby-libs-1.8.1-7.EL4.8.i386.rpm
ruby-mode-1.8.1-7.EL4.8.i386.rpm
ruby-tcltk-1.8.1-7.EL4.8.i386.rpm

x86_64:
irb-1.8.1-7.EL4.8.x86_64.rpm
ruby-1.8.1-7.EL4.8.x86_64.rpm
ruby-devel-1.8.1-7.EL4.8.x86_64.rpm
ruby-docs-1.8.1-7.EL4.8.x86_64.rpm
ruby-libs-1.8.1-7.EL4.8.i386.rpm
ruby-libs-1.8.1-7.EL4.8.x86_64.rpm
ruby-mode-1.8.1-7.EL4.8.x86_64.rpm
ruby-tcltk-1.8.1-7.EL4.8.x86_64.rpm

SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/ruby-1.8.1-7.EL4.8.src.rpm


Description of changes:
[1.8.1-7.EL4.8]
- BR tcl-devel and tk-devel instead of tcl and tk.

[1.8.1-7.EL4.7]
- security fix release.
- ruby-1.8.1-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that
   causes a denial of service. (#212237)

[1.8.1-7.EL4.6]
- security fixes [CVE-2006-3694]
   - fixed insecure operations on Dir and Regexp under certain safe-level
     restrictions. (#199539)
   - fixed to not bypass certain safe-level restrictions. (#199545)

[1.8.1-7.EL4.4]
- ruby-magic-setjmp.patch: backported to fix unstable GC on ia64.
   [ruby-talk:144939] (#190805)




