[ubuntu/lucid] ruby1.9 1.9.0.5-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Feb 22 22:00:16 GMT 2010


ruby1.9 (1.9.0.5-1ubuntu2) lucid; urgency=low

  * SECURITY UPDATE: arbitrary code execution via string operations
    - debian/patches/932_CVE-2009-4124.dpatch: calculate lengths properly
      in string.c, add test in test/ruby/test_string.rb.
    - CVE-2009-4124
  * SECURITY UPDATE: incorrect log file sanitation in WEBrick (LP: #509392)
    - debian/patches/933_CVE-2009-4492.dpatch: properly escape in
      lib/webrick/{accesslog.rb,httprequest.rb,httpstatus.rb,httputils.rb},
      add test to test/webrick/test_cgi.rb.
    - CVE-2009-4492
  * SECURITY UPDATE: denial of service in BigDecimal library via string
    argument that represents a large number (LP: #385436)
    - debian/patches/934_CVE-2009-1904.dpatch: handle large numbers
      properly in ext/bigdecimal/bigdecimal.c.
    - CVE-2009-1904

Date: Mon, 22 Feb 2010 16:34:02 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/ruby1.9/1.9.0.5-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 22 Feb 2010 16:34:02 -0500
Source: ruby1.9
Binary: ruby1.9 libruby1.9 libruby1.9-dbg ruby1.9-dev libdbm-ruby1.9 libgdbm-ruby1.9 libreadline-ruby1.9 libtcltk-ruby1.9 libopenssl-ruby1.9 ruby1.9-examples ruby1.9-elisp ri1.9 rdoc1.9 irb1.9
Architecture: source
Version: 1.9.0.5-1ubuntu2
Distribution: lucid
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 irb1.9     - Interactive Ruby (for Ruby 1.9)
 libdbm-ruby1.9 - DBM interface for Ruby 1.9
 libgdbm-ruby1.9 - GDBM interface for Ruby 1.9
 libopenssl-ruby1.9 - OpenSSL interface for Ruby 1.9
 libreadline-ruby1.9 - Readline interface for Ruby 1.9
 libruby1.9 - Libraries necessary to run Ruby 1.9
 libruby1.9-dbg - Debugging symbols for Ruby 1.9
 libtcltk-ruby1.9 - Tcl/Tk interface for Ruby 1.9
 rdoc1.9    - Generate documentation from Ruby source files (for Ruby 1.9)
 ri1.9      - Ruby Interactive reference (for Ruby 1.9)
 ruby1.9    - Interpreter of object-oriented scripting language Ruby 1.9
 ruby1.9-dev - Header files for compiling extension modules for the Ruby 1.9
 ruby1.9-elisp - ruby-mode for Emacsen
 ruby1.9-examples - Examples for Ruby 1.9
Launchpad-Bugs-Fixed: 385436 509392
Changes: 
 ruby1.9 (1.9.0.5-1ubuntu2) lucid; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution via string operations
     - debian/patches/932_CVE-2009-4124.dpatch: calculate lengths properly
       in string.c, add test in test/ruby/test_string.rb.
     - CVE-2009-4124
   * SECURITY UPDATE: incorrect log file sanitation in WEBrick (LP: #509392)
     - debian/patches/933_CVE-2009-4492.dpatch: properly escape in
       lib/webrick/{accesslog.rb,httprequest.rb,httpstatus.rb,httputils.rb},
       add test to test/webrick/test_cgi.rb.
     - CVE-2009-4492
   * SECURITY UPDATE: denial of service in BigDecimal library via string
     argument that represents a large number (LP: #385436)
     - debian/patches/934_CVE-2009-1904.dpatch: handle large numbers
       properly in ext/bigdecimal/bigdecimal.c.
     - CVE-2009-1904
Checksums-Sha1: 
 f6b5d2a291a0c156a6728662a79f909d298fe076 1742 ruby1.9_1.9.0.5-1ubuntu2.dsc
 822e11b27119933b4dbfa8900a3aa5edee36786c 60596 ruby1.9_1.9.0.5-1ubuntu2.diff.gz
Checksums-Sha256: 
 29a19a7a594782db2df6ec16d0044f56e6a60636b0f0412feff0d13dde3999a2 1742 ruby1.9_1.9.0.5-1ubuntu2.dsc
 849b38e4c5620e0aa3d82c7efa9a1bc418d58e3779ebb0b0c05735e59e888770 60596 ruby1.9_1.9.0.5-1ubuntu2.diff.gz
Files: 
 3cb4efd0f6483eb8cd8351e79a5c4fe3 1742 ruby optional ruby1.9_1.9.0.5-1ubuntu2.dsc
 ac60ca3bea36291d4ab43a41f08838a8 60596 ruby optional ruby1.9_1.9.0.5-1ubuntu2.diff.gz
Original-Maintainer: akira yamada <akira at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkuC/b0ACgkQLMAs/0C4zNot3ACfcOzgZ1T+Z4QIR7kbM1kPQMdC
d1IAoLznjAkPMOTK3Xwma0fMhScsf0J2
=PMqD
-----END PGP SIGNATURE-----

