Format: 1.8 Date: Tue, 21 Feb 2012 16:28:51 -0600 Source: ruby1.8 Binary: ruby1.8 libruby1.8 libruby1.8-dbg ruby1.8-dev libdbm-ruby1.8 libgdbm-ruby1.8 libreadline-ruby1.8 libtcltk-ruby1.8 libopenssl-ruby1.8 ruby1.8-examples ruby1.8-elisp ri1.8 rdoc1.8 irb1.8 Architecture: amd64 Version: 1.8.7.249-2ubuntu0.1 Distribution: lucid Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Tyler Hicks Description: irb1.8 - Interactive Ruby (for Ruby 1.8) libdbm-ruby1.8 - DBM interface for Ruby 1.8 libgdbm-ruby1.8 - GDBM interface for Ruby 1.8 libopenssl-ruby1.8 - OpenSSL interface for Ruby 1.8 libreadline-ruby1.8 - Readline interface for Ruby 1.8 libruby1.8 - Libraries necessary to run Ruby 1.8 libruby1.8-dbg - Debugging symbols for Ruby 1.8 libtcltk-ruby1.8 - Tcl/Tk interface for Ruby 1.8 rdoc1.8 - Generate documentation from Ruby source files (for Ruby 1.8) ri1.8 - Ruby Interactive reference (for Ruby 1.8) ruby1.8 - Interpreter of object-oriented scripting language Ruby 1.8 ruby1.8-dev - Header files for compiling extension modules for the Ruby 1.8 ruby1.8-elisp - ruby-mode for Emacsen ruby1.8-examples - Examples for Ruby 1.8 Changes: ruby1.8 (1.8.7.249-2ubuntu0.1) lucid-security; urgency=low . * SECURITY UPDATE: Cross-site scripting via HTTP error responses - debian/patches/CVE-2010-0541.patch: Use the ISO-8859-1 character set for HTTP error responses. Based on upstream patch. - CVE-2010-0541 * SECURITY UPDATE: Arbitrary code execution and denial of service - debian/patches/CVE-2011-0188.patch: Remove cast to prevent memory corruption during allocation. Based on upstream patch. - CVE-2011-0188 * SECURITY UPDATE: Arbitrary file deletion due to symlink race - debian/patches/CVE-2011-1004.patch: Unlink the symlink rather than recursively removing everything underneath the symlink destination. Based on upstream patch. - CVE-2011-1004 * SECURITY UPDATE: Safe level bypass - debian/patches/CVE-2011-1005.patch: Remove incorrect string taint in exception handling methods. Based on upstream patch. - CVE-2011-1005 * SECURITY UPDATE: Predictable random number generation - debian/patches/CVE-2011-2686.patch: Reseed the random number generator each time a child process is created. Based on upstream patch. - CVE-2011-2686 * SECURITY UPDATE: Predicatable random number generation - debian/patches/CVE-2011-2705.patch: Reseed the random number generator with the pid number and the current time to prevent predictable random numbers in the case of pid number rollover. Based on upstream patch. - CVE-2011-2705 * SECURITY UPDATE: Denial of service via crafted hash table keys - debian/patches/CVE-2011-4815.patch: Add randomness to the key hashing algorithm to prevent predictable results when inserting objects into a hash table. Based on upstream patch. - CVE-2011-4815 Checksums-Sha1: 19cb20c4febb05882d5fb8ba8619b9e3f7d6eea8 24214 ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 44678ac1141a8d4ffeb563d77c01ee2483788224 1529788 libruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 3e5605a64ab7b7a7a08af9754de7a123c5c4ec0f 1272376 libruby1.8-dbg_1.8.7.249-2ubuntu0.1_amd64.deb edcb761aaca3afa69014650796e1435251eaea07 619810 ruby1.8-dev_1.8.7.249-2ubuntu0.1_amd64.deb f64435bd5064bdcf99e5d081c6243bf2afb6d1f1 12644 libdbm-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 63f87c9bc44d06b86d9b34587e5f341e246cce86 11940 libgdbm-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb b674d676a4142a66c9bab60d33b646712ac99a67 11320 libreadline-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb a9bf72db3d81ea580228bc3650845d86512a75ea 1758142 libtcltk-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 524ac1eee215044fb2e12eddaa7acf3ec83333cd 137622 libopenssl-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb Checksums-Sha256: 0fe24c5d812a34b1217c7b2ef0cfabe96d05069aa454b91fc4ef6fdef7818764 24214 ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 654532a04850a7ca5ab9c7f44cd9fcf466b0ac822144f4a4a5d35b3c14627b7c 1529788 libruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb cfcf16cf757697a6461bf01af53d462848d8c272a4d924847cc7f4f29e84feac 1272376 libruby1.8-dbg_1.8.7.249-2ubuntu0.1_amd64.deb 9c1f11913c6389230a2fa410b3efdc031042b5b10835cb785e2d517bd4e164b3 619810 ruby1.8-dev_1.8.7.249-2ubuntu0.1_amd64.deb bc582058f3c0ead70cf202ead4d76306c17eee4b3ab2fda3e52b5ca60c5325fa 12644 libdbm-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 2b5d8efb8faa944727e9a3b4a3d9d15413f7e82ab901eb71af8e22d21e18d751 11940 libgdbm-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb ff57906d6fc2349f8ff900463606417e17f6e9cda669826148539aee4e416b22 11320 libreadline-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 378ef8feb3f4c1a6f6faeffbf91b5a2c1d11c03c7a60de9125062d47ae9d6aab 1758142 libtcltk-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb e83602628dbe7ef12762235463d0d118bb32c2f14396cf62d0c41aa79a50807b 137622 libopenssl-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb Files: a8a243a723c73c35846042fc2d96433b 24214 ruby optional ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 8d6bd7a764cc7a8a47653e83ee3cca2b 1529788 ruby optional libruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 314b0cc1906816e83ef662ca3c55fb4a 1272376 debug extra libruby1.8-dbg_1.8.7.249-2ubuntu0.1_amd64.deb 831b4e3ce549262694694e06fe7c143b 619810 ruby optional ruby1.8-dev_1.8.7.249-2ubuntu0.1_amd64.deb adc85ec070c83f991de9c2719dadc51e 12644 ruby optional libdbm-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb b545af52c0d633d109702c4c13d9a02c 11940 ruby optional libgdbm-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 8361065f5953c3c9fe03ffdad2509c6d 11320 ruby optional libreadline-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 823b57f2c17f0d2e2d04a8543e52af41 1758142 ruby optional libtcltk-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb 6352926c9e94a29eb669a8e303f768a0 137622 ruby optional libopenssl-ruby1.8_1.8.7.249-2ubuntu0.1_amd64.deb Original-Maintainer: akira yamada