[El-errata] ELSA-2006:0604, ELSA-2006:0729 Moderate ruby security update
el-errata at oss.oracle.com
el-errata at oss.oracle.com
Thu Nov 30 19:20:16 PST 2006
Enterprise Linux Security Advisory 2006:0729, 2006:0604
https://rhn.redhat.com/errata/RHSA-2006-0729.html
https://rhn.redhat.com/errata/RHSA-2006-0604.html
The following updated rpms for Enterprise Linux 4 have been uploaded to
the Unbreakable Linux Network:
i386:
irb-1.8.1-7.EL4.8.i386.rpm
ruby-1.8.1-7.EL4.8.i386.rpm
ruby-devel-1.8.1-7.EL4.8.i386.rpm
ruby-docs-1.8.1-7.EL4.8.i386.rpm
ruby-libs-1.8.1-7.EL4.8.i386.rpm
ruby-mode-1.8.1-7.EL4.8.i386.rpm
ruby-tcltk-1.8.1-7.EL4.8.i386.rpm
x86_64:
irb-1.8.1-7.EL4.8.x86_64.rpm
ruby-1.8.1-7.EL4.8.x86_64.rpm
ruby-devel-1.8.1-7.EL4.8.x86_64.rpm
ruby-docs-1.8.1-7.EL4.8.x86_64.rpm
ruby-libs-1.8.1-7.EL4.8.i386.rpm
ruby-libs-1.8.1-7.EL4.8.x86_64.rpm
ruby-mode-1.8.1-7.EL4.8.x86_64.rpm
ruby-tcltk-1.8.1-7.EL4.8.x86_64.rpm
SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/ruby-1.8.1-7.EL4.8.src.rpm
Description of changes:
[1.8.1-7.EL4.8]
- BR tcl-devel and tk-devel instead of tcl and tk.
[1.8.1-7.EL4.7]
- security fix release.
- ruby-1.8.1-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that
causes the denial of service. (#212237)
[1.8.1-7.EL4.6]
- security fixes [CVE-2006-3694]
- fixed the insecure operations on Dir and Regexp in the certain safe-level
restrictions. (#199539)
- fixed to not bypass the certain safe-level restrictions. (#199545)
[1.8.1-7.EL4.4]
- ruby-magic-setjmp.patch: backported to fix unstable GC on ia64.
[ruby-talk:144939] (#190805)
More information about the El-errata
mailing list