ruby1.9 (1.9.0.2-7ubuntu1.3) intrepid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via string operations
- debian/patches/922_security_CVE-2009-4124.dpatch: calculate lengths
properly in string.c, add test in test/ruby/test_string.rb.
- CVE-2009-4124
* SECURITY UPDATE: incorrect log file sanitation in WEBrick (LP: #509392)
- debian/patches/923_security_CVE-2009-4492.dpatch: properly escape in
lib/webrick/{accesslog.rb,httprequest.rb,httpstatus.rb,httputils.rb},
add test to test/webrick/test_cgi.rb.
- CVE-2009-4492
Date: Thu, 11 Feb 2010 16:40:38 -0500
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Core Developers <[email protected]>
https://launchpad.net/ubuntu/intrepid/+source/ruby1.9/1.9.0.2-7ubuntu1.3
Format: 1.8
Date: Thu, 11 Feb 2010 16:40:38 -0500
Source: ruby1.9
Binary: ruby1.9 libruby1.9 libruby1.9-dbg ruby1.9-dev libdbm-ruby1.9
libgdbm-ruby1.9 libreadline-ruby1.9 libtcltk-ruby1.9 libopenssl-ruby1.9
ruby1.9-examples ruby1.9-elisp ri1.9 rdoc1.9 irb1.9
Architecture: source
Version: 1.9.0.2-7ubuntu1.3
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
irb1.9 - Interactive Ruby (for Ruby 1.9)
libdbm-ruby1.9 - DBM interface for Ruby 1.9
libgdbm-ruby1.9 - GDBM interface for Ruby 1.9
libopenssl-ruby1.9 - OpenSSL interface for Ruby 1.9
libreadline-ruby1.9 - Readline interface for Ruby 1.9
libruby1.9 - Libraries necessary to run Ruby 1.9
libruby1.9-dbg - Debugging symbols for Ruby 1.9
libtcltk-ruby1.9 - Tcl/Tk interface for Ruby 1.9
rdoc1.9 - Generate documentation from Ruby source files (for Ruby 1.9)
ri1.9 - Ruby Interactive reference (for Ruby 1.9)
ruby1.9 - Interpreter of object-oriented scripting language Ruby 1.9
ruby1.9-dev - Header files for compiling extension modules for the Ruby 1.9
ruby1.9-elisp - ruby-mode for Emacsen
ruby1.9-examples - Examples for Ruby 1.9
Launchpad-Bugs-Fixed: 509392
Changes:
ruby1.9 (1.9.0.2-7ubuntu1.3) intrepid-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via string operations
- debian/patches/922_security_CVE-2009-4124.dpatch: calculate lengths
properly in string.c, add test in test/ruby/test_string.rb.
- CVE-2009-4124
* SECURITY UPDATE: incorrect log file sanitation in WEBrick (LP: #509392)
- debian/patches/923_security_CVE-2009-4492.dpatch: properly escape in
lib/webrick/{accesslog.rb,httprequest.rb,httpstatus.rb,httputils.rb},
add test to test/webrick/test_cgi.rb.
- CVE-2009-4492
Checksums-Sha1:
0069f86797475a9482f6c5cd6895fa4a2f81c366 1772 ruby1.9_1.9.0.2-7ubuntu1.3.dsc
236cd9a2afb71f25719f4bd40cc4c26b09509893 55028
ruby1.9_1.9.0.2-7ubuntu1.3.diff.gz
Checksums-Sha256:
df671501dbe87641a683a6b23193b1b3f2d9ed6852a587764088dbd213f08aae 1772
ruby1.9_1.9.0.2-7ubuntu1.3.dsc
69a674597231b69c2b6690902e8c3312b6fe19e1307461ffbd8a48c140a1a0c3 55028
ruby1.9_1.9.0.2-7ubuntu1.3.diff.gz
Files:
d97af9578cccd57bd0478b24c4a15bbd 1772 interpreters optional
ruby1.9_1.9.0.2-7ubuntu1.3.dsc
348a5acc2d4cd7140db6e559b61dcd65 55028 interpreters optional
ruby1.9_1.9.0.2-7ubuntu1.3.diff.gz
Original-Maintainer: akira yamada <[email protected]>
--
Intrepid-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/intrepid-changes
