Ruby is an interpreted scripting language for object-oriented programming.
A flaw was discovered in the way Ruby’s CGI module handles certain
multipart/form-data MIME data. If a remote attacker sends a specially
crafted multipart-form-data request, it is possible to cause the ruby
CGI script to enter an infinite loop, causing a denial of service.
(CVE-2006-5467)
Users of Ruby should upgrade to these updated packages which contain
backported patches and are not vulnerable to these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390x | ruby-mode | < 1.6.8-9.EL3.8 | ruby-mode-1.6.8-9.EL3.8.s390x.rpm |
RedHat | any | ppc64 | ruby-libs | < 1.6.8-9.EL3.8 | ruby-libs-1.6.8-9.EL3.8.ppc64.rpm |
RedHat | any | i386 | ruby-devel | < 1.8.1-7.EL4.8 | ruby-devel-1.8.1-7.EL4.8.i386.rpm |
RedHat | any | ia64 | ruby-tcltk | < 1.8.1-7.EL4.8 | ruby-tcltk-1.8.1-7.EL4.8.ia64.rpm |
RedHat | any | s390x | ruby-libs | < 1.6.8-9.EL3.8 | ruby-libs-1.6.8-9.EL3.8.s390x.rpm |
RedHat | any | s390 | ruby-tcltk | < 1.8.1-7.EL4.8 | ruby-tcltk-1.8.1-7.EL4.8.s390.rpm |
RedHat | any | ppc | ruby | < 1.8.1-7.EL4.8 | ruby-1.8.1-7.EL4.8.ppc.rpm |
RedHat | any | ppc | ruby-tcltk | < 1.6.8-9.EL3.8 | ruby-tcltk-1.6.8-9.EL3.8.ppc.rpm |
RedHat | any | s390x | ruby-docs | < 1.8.1-7.EL4.8 | ruby-docs-1.8.1-7.EL4.8.s390x.rpm |
RedHat | any | s390 | irb | < 1.6.8-9.EL3.8 | irb-1.6.8-9.EL3.8.s390.rpm |