Aug. 12, 2008 Kirill A. Shutemov 1.8.7-alt6
- 1.8.7.72
+ Multiple vulnerabilities
+ Several vulnerabilities in safe level
+ untrace_var is permitted at safe level 4
+ $PROGRAM_NAME may be modified at safe level 4
+ insecure methods may be called at safe level 1-3
+ syslog operations are permitted at safe level 4
+ DoS vulnerability in WEBrick
+ Lack of taintness check in dl
+ CVE-2008-1447: DNS spoofing vulnerability in resolv.rb