Ruby security vulnerabilities

June 23, 2008

Multiple arbitrary code execution vulnerabilities in Ruby have been revealed by the Apple Product Security team which could lead to Denial of Service attacks. A total of five vulnerabilities have been reported, with versions impacted being:

1.8.4 and all prior versions
1.8.5-p230 and all prior versions
1.8.6-p229 and all prior versions
1.8.7-p21 and all prior versions
1.9.0-1 and all prior versions

Upgrading to either 1.8.5-p231, 1.8.6-p230, 1.8.7-p22 or 1.9.0-2 is recommended.

Details could be found at

http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities

http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities

Entry Filed under: news@RoR. Tags: , , , , , .

Leave a Comment

hidden

Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Trackback this post  |  Subscribe to the comments via RSS Feed

Categories

posts[:recent]

episodes[:recycled]

@@name = PRAYAS

Step down at my blog with your ideas,comments,suggestions on Ruby,RoR,Ajax or Web2.0.You may reach me at
infostall@gmail.com

find_by_tags

Links

visitors[:since_Mar'08]

free web counter

Spam Blocked

Feeds

Meta

RSS Prayas here