(RHSA-2006:0604) ruby security update

2006-07-2700:00:00

access.redhat.com

EPSS

0.058

Percentile

93.4%

JSON

Ruby is an interpreted scripting language for object-oriented programming.

A number of flaws were found in the safe-level restrictions in Ruby. It
was possible for an attacker to create a carefully crafted malicious script
that can allow the bypass of certain safe-level restrictions. (CVE-2006-3694)

Users of Ruby should update to these erratum packages, which contain a
backported patch and are not vulnerable to this issue.

OSVersionArchitecturePackageVersionFilename
RedHatanys390irb< 1.8.1-7.EL4.6irb-1.8.1-7.EL4.6.s390.rpm
RedHatanyppcruby< 1.8.1-7.EL4.6ruby-1.8.1-7.EL4.6.ppc.rpm
RedHatanyi386irb< 1.6.8-9.EL3.6irb-1.6.8-9.EL3.6.i386.rpm
RedHatanyx86_64ruby-devel< 1.8.1-7.EL4.6ruby-devel-1.8.1-7.EL4.6.x86_64.rpm
RedHatanyx86_64ruby-mode< 1.6.8-9.EL3.6ruby-mode-1.6.8-9.EL3.6.x86_64.rpm
RedHatanyia64irb< 1.8.1-7.EL4.6irb-1.8.1-7.EL4.6.ia64.rpm
RedHatanys390xruby-libs< 1.8.1-7.EL4.6ruby-libs-1.8.1-7.EL4.6.s390x.rpm
RedHatanyx86_64ruby-libs< 1.8.1-7.EL4.6ruby-libs-1.8.1-7.EL4.6.x86_64.rpm
RedHatanyi386ruby-devel< 1.8.1-7.EL4.6ruby-devel-1.8.1-7.EL4.6.i386.rpm
RedHatanys390ruby-mode< 1.6.8-9.EL3.6ruby-mode-1.6.8-9.EL3.6.s390.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	s390	irb	< 1.8.1-7.EL4.6	irb-1.8.1-7.EL4.6.s390.rpm
RedHat	any	ppc	ruby	< 1.8.1-7.EL4.6	ruby-1.8.1-7.EL4.6.ppc.rpm
RedHat	any	i386	irb	< 1.6.8-9.EL3.6	irb-1.6.8-9.EL3.6.i386.rpm
RedHat	any	x86_64	ruby-devel	< 1.8.1-7.EL4.6	ruby-devel-1.8.1-7.EL4.6.x86_64.rpm
RedHat	any	x86_64	ruby-mode	< 1.6.8-9.EL3.6	ruby-mode-1.6.8-9.EL3.6.x86_64.rpm
RedHat	any	ia64	irb	< 1.8.1-7.EL4.6	irb-1.8.1-7.EL4.6.ia64.rpm
RedHat	any	s390x	ruby-libs	< 1.8.1-7.EL4.6	ruby-libs-1.8.1-7.EL4.6.s390x.rpm
RedHat	any	x86_64	ruby-libs	< 1.8.1-7.EL4.6	ruby-libs-1.8.1-7.EL4.6.x86_64.rpm
RedHat	any	i386	ruby-devel	< 1.8.1-7.EL4.6	ruby-devel-1.8.1-7.EL4.6.i386.rpm
RedHat	any	s390	ruby-mode	< 1.6.8-9.EL3.6	ruby-mode-1.6.8-9.EL3.6.s390.rpm