ruby1.8 1.8.7.299-2ubuntu0.1 source package in Ubuntu

Changelog

ruby1.8 (1.8.7.299-2ubuntu0.1) maverick-security; urgency=low

  * SECURITY UPDATE: Cross-site scripting via HTTP error responses
    - debian/patches/CVE-2010-0541.patch: Use the ISO-8859-1 character
      set for HTTP error responses. Based on upstream patch.
    - CVE-2010-0541
  * SECURITY UPDATE: Arbitrary code execution and denial of service
    - debian/patches/CVE-2011-0188.patch: Remove cast to prevent memory
      corruption during allocation. Based on upstream patch.
    - CVE-2011-0188
  * SECURITY UPDATE: Arbitrary file deletion due to symlink race
    - debian/patches/CVE-2011-1004.patch: Unlink the symlink rather
      than recursively removing everything underneath the symlink
      destination. Based on upstream patch.
    - CVE-2011-1004
  * SECURITY UPDATE: Safe level bypass
    - debian/patches/CVE-2011-1005.patch: Remove incorrect string taint
      in exception handling methods. Based on upstream patch.
    - CVE-2011-1005
  * SECURITY UPDATE: Predictable random number generation
    - debian/patches/CVE-2011-2686.patch: Reseed the random number
      generator each time a child process is created. Based on upstream
      patch.
    - CVE-2011-2686
  * SECURITY UPDATE: Predicatable random number generation
    - debian/patches/CVE-2011-2705.patch: Reseed the random number
      generator with the pid number and the current time to prevent
      predictable random numbers in the case of pid number rollover. Based on
      upstream patch.
    - CVE-2011-2705
  * SECURITY UPDATE: Denial of service via crafted hash table keys
    - debian/patches/CVE-2011-4815.patch: Add randomness to the key hashing
      algorithm to prevent predictable results when inserting objects into a
      hash table. Based on upstream patch.
    - CVE-2011-4815
 -- Tyler Hicks <email address hidden>   Tue, 21 Feb 2012 16:28:51 -0600

Upload details

Uploaded by:
Tyler Hicks on 2012-02-22
Uploaded to:
Maverick
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
ruby
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
ruby1.8_1.8.7.299.orig.tar.gz 4.6 MiB 32c99c8e3d0a0190942055b8239f1573677a02de2645d81539617011f3a5427b
ruby1.8_1.8.7.299-2ubuntu0.1.diff.gz 50.9 KiB dc3ba918e4959f86b1c7aaf961f3207372a02b68d0e47b31e641f99dd7127c9a
ruby1.8_1.8.7.299-2ubuntu0.1.dsc 2.2 KiB 96d03f4521d45ebc4a096caa86cb5b0007495b72380eb907890de75ddd3e24d7

View changes file

Binary packages built by this source

libruby1.8: No summary available for libruby1.8 in ubuntu maverick.

No description available for libruby1.8 in ubuntu maverick.

libruby1.8-dbg: No summary available for libruby1.8-dbg in ubuntu maverick.

No description available for libruby1.8-dbg in ubuntu maverick.

libtcltk-ruby1.8: No summary available for libtcltk-ruby1.8 in ubuntu maverick.

No description available for libtcltk-ruby1.8 in ubuntu maverick.

ri1.8: No summary available for ri1.8 in ubuntu maverick.

No description available for ri1.8 in ubuntu maverick.

ruby1.8: No summary available for ruby1.8 in ubuntu maverick.

No description available for ruby1.8 in ubuntu maverick.

ruby1.8-dev: No summary available for ruby1.8-dev in ubuntu maverick.

No description available for ruby1.8-dev in ubuntu maverick.

ruby1.8-elisp: No summary available for ruby1.8-elisp in ubuntu maverick.

No description available for ruby1.8-elisp in ubuntu maverick.

ruby1.8-examples: No summary available for ruby1.8-examples in ubuntu maverick.

No description available for ruby1.8-examples in ubuntu maverick.