-
ruby1.8 (1.8.4-1ubuntu1.7) dapper-security; urgency=low
* SECURITY UPDATE: certificate spoofing via invalid return value check
in OCSP_basic_verify
- debian/patches/924_CVE-2009-0642.patch: also check for -1 return
code in ext/openssl/ossl_ocsp.c.
- CVE-2009-0642
* SECURITY UPDATE: denial of service in BigDecimal library via string
argument that represents a large number (LP: #385436)
- debian/patches/925_CVE-2009-1904.patch: handle large numbers properly
in ext/bigdecimal/bigdecimal.c.
- CVE-2009-1904
-- Marc Deslauriers <email address hidden> Wed, 15 Jul 2009 13:31:57 -0400
-
ruby1.8 (1.8.4-1ubuntu1.6) dapper-security; urgency=low
* SECURITY UPDATE: denial of service via resource exhaustion in the REXML
module (LP: #261459)
- debian/patches/917_CVE-2008-3790.patch: adjust rexml/document.rb and
rexml/entity.rb to use expansion limits
- CVE-2008-3790
* SECURITY UPDATE: integer overflow in rb_ary_fill may cause denial of
service (LP: #246818)
- debian/patches/918_CVE-2008-2376.patch: adjust array.c to properly
check argument length
- CVE-2008-2376
* SECURITY UPDATE: denial of service via multiple long requests to a Ruby
socket
- debian/patches/919_CVE-2008-3443.patch: adjust regex.c to not use ruby
managed memory and check for allocation failures
- CVE-2008-3443
* SECURITY UPDATE: denial of service via crafted HTTP request (LP: #257122)
- debian/patches/920_CVE-2008-3656.patch: update webrick/httputils.rb to
properly check paths ending with '.'
- CVE-2008-3656
* SECURITY UPDATE: predictable transaction id and source port for DNS
requests (separate vulnerability from CVE-2008-1447)
- debian/patches/921_CVE-2008-3905.patch: adjust resolv.rb to use
SecureRandom for transaction id and source port
- CVE-2008-3905
* SECURITY UPDATE: safe level bypass via DL.dlopen
- debian/patches/922_CVE-2008-3657.patch: adjust rb_str_to_ptr and
rb_ary_to_ptr in ext/dl/dl.c and rb_dlsym_call in ext/dl/sym.c to
propogate taint and check taintness of DLPtrData
- CVE-2008-3657
* SECURITY UPDATE: safe level bypass via multiple vectors
- debian/patches/923_CVE-2008-3655.patch: use rb_secure(4) in variable.c
and syslog.c, check for secure level 3 or higher in eval.c and make
sure PROGRAM_NAME can't be modified
- CVE-2008-3655
-- Jamie Strandboge <email address hidden> Thu, 09 Oct 2008 10:32:41 -0500
-
ruby1.8 (1.8.4-1ubuntu1.5) dapper-security; urgency=low
* SECURITY UPDATE: denial of service or arbitrary code execution via
integer overflows and memory corruption
* debian/patches/916_CVE-2008-2662+2663+2664+2725+2726.patch: update array.c
to properly validate the size of an array. Update string.c and sprintf.c
for proper bounds checking. Also modify ruby.h for RARRAY_PTR macro (taken
from 1.8.5-4ubuntu2)
* References:
CVE-2008-2662
CVE-2008-2663
CVE-2008-2664
CVE-2008-2725
CVE-2008-2726
LP: #241657
-- Jamie Strandboge <email address hidden> Wed, 25 Jun 2008 15:02:48 -0400
-
ruby1.8 (1.8.4-1ubuntu1.4) dapper-security; urgency=low
* SECURITY UPDATE: SSL connections did not check commonName early
enough, possibly allowing sensitive information to be exposed.
* debian/patches/915_CVE-2007-5162.patch: upstream fixes, from
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13499
* debian/patches/915_CVE-2007-5770.patch: upstream fixes, from
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656
* References:
CVE-2007-5162 CVE-2007-5770 (LP: #149616)
-- Stephan Hermann <email address hidden> Tue, 13 Nov 2007 19:42:37 +0100
-
ruby1.8 (1.8.4-1ubuntu1.3) dapper-security; urgency=low
* SECURITY UPDATE: remote denial of service in CGI module.
* Add 'debian/patches/914_CVE-2006-6303' patch from upstream.
* References
http://www.ruby-lang.org/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/
CVE-2006-6303
-- Kees Cook <email address hidden> Thu, 7 Dec 2006 14:49:23 -0800
-
ruby1.8 (1.8.4-1ubuntu1.2) dapper-security; urgency=low
* SECURITY UPDATE: remote denial of service in CGI module.
* Add 'debian/patches/913_CVE-2006-5467' patch from upstream.
* References
http://rubyforge.org/pipermail/mongrel-users/2006-October/001946.html
CVE-2006-5467
-- Kees Cook <email address hidden> Fri, 27 Oct 2006 16:09:33 -0700
-
ruby1.8 (1.8.4-1ubuntu1.1) dapper-security; urgency=low
* SECURITY UPDATE: Safe level bypass.
* Add debian/patches/100_CVE-2006-3694.patch:
- eval.c, alias(): preserve current safe level
http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/eval.c?cvsroot=src&r1=1.616.2.166&r2=1.616.2.167
(only relevant part)
- re.c: do not modify untainted levels in safe levels > 3
http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/re.c?cvsroot=src&r1=1.114.2.17&r2=1.114.2.18
(only last hunk is relevant)
- dir.c: should not close untainted dir stream
http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/dir.c?cvsroot=src&r1=1.92.2.32&r2=1.92.2.33
- CVE-2006-3694
-- Martin Pitt <email address hidden> Wed, 26 Jul 2006 11:15:57 +0000
-
ruby1.8 (1.8.4-1ubuntu1) dapper; urgency=low
* Fix libruby sparc runtime illegal instructions:
- add patch debian/patches/903_sparc_fix_define.patch
(Fix by David S. Miller)
-- Fabio M. Di Nitto <email address hidden> Fri, 17 Mar 2006 10:32:22 +0100
-
ruby1.8 (1.8.4-1) unstable; urgency=low
* akira yamada <email address hidden>
- new upstream version.
- removed debian/patches/100_1.8.4-preview2+.patch:
- included in upstream.
- added debian/patches/802_yaml_symbol.patch:
- YAML loading of quoted symbols is broken (Closes: #344042)
- README.Debian improvement suggestion (Closes: #344293)
- debian/compat: compat level 4.
-- akira yamada <email address hidden> Sun, 25 Dec 2005 19:57:08 +0900
-
ruby1.8 (1.8.3+1.8.4preview2-1) unstable; urgency=low
* akira yamada <email address hidden>
- debian/control: updated description of ruby1.8.
- new upstream snapshot. (1.8.4-preview2)
- removed debian/patches/100_1.8.4-preview1.patch:
- these are included in 1.8.4-preview2.
- added debian/patches/100_1.8.4-preview2+.patch:
- bug fixes.
- configure with -O2 for IA64.
-- akira yamada <email address hidden> Sat, 17 Dec 2005 13:22:33 +0900
