Lucene search
RedHatRHSA-2008:0895HistoryOct 21, 2008 - 12:00 a.m.
(RHSA-2008:0895) Moderate: ruby security update
2008-10-2100:00:00
access.redhat.com
12
0.349 Low
EPSS
Percentile
97.1%
Ruby is an interpreted scripting language for quick and easy
object-oriented programming.
A number of flaws were found in the safe-level restrictions in Ruby. It
was possible for an attacker to create a carefully crafted malicious script
that can allow the bypass of certain safe-level restrictions. (CVE-2008-3655)
A denial of service flaw was found in Rubyβs regular expression engine. If
a Ruby script tried to process a large amount of data via a regular
expression, it could cause Ruby to enter an infinite-loop and crash.
(CVE-2008-3443)
Users of ruby should upgrade to these updated packages, which contain
backported patches to resolve these issues.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 2 | i386 | ruby-devel | <Β 1.6.4-7.el2 | ruby-devel-1.6.4-7.el2.i386.rpm |
| RedHat | 2 | i386 | ruby-tcltk | <Β 1.6.4-7.el2 | ruby-tcltk-1.6.4-7.el2.i386.rpm |
| RedHat | 2 | i386 | ruby-libs | <Β 1.6.4-7.el2 | ruby-libs-1.6.4-7.el2.i386.rpm |
| RedHat | 2 | i386 | irb | <Β 1.6.4-7.el2 | irb-1.6.4-7.el2.i386.rpm |
| RedHat | 2 | i386 | ruby | <Β 1.6.4-7.el2 | ruby-1.6.4-7.el2.i386.rpm |
| RedHat | 2 | i386 | ruby-docs | <Β 1.6.4-7.el2 | ruby-docs-1.6.4-7.el2.i386.rpm |
Related
openvas
openvas
CentOS Update for ruby CESA-2008:0895-02 centos2 i386
2009-02-27 00:00:00
RedHat Update for ruby RHSA-2008:0895-02
2009-03-06 00:00:00
RedHat Update for ruby RHSA-2008:0895-02
2009-03-06 00:00:00
centos
centos
irb, ruby security update
2008-10-22 04:31:37
irb, ruby security update
2008-10-21 16:06:28
irb, ruby security update
2008-10-24 00:04:31
nessus
nessus
RHEL 2.1 : ruby (RHSA-2008:0895)
2008-10-22 00:00:00
CentOS 3 : ruby (CESA-2008:0896)
2008-10-22 00:00:00
RHEL 3 : ruby (RHSA-2008:0896)
2008-10-22 00:00:00
redhat
redhat
(RHSA-2008:0896) Moderate: ruby security update
2008-10-21 00:00:00
(RHSA-2008:0897) Moderate: ruby security update
2008-10-21 00:00:00
oraclelinux
oraclelinux
ruby security update
2008-10-21 00:00:00
ruby security update
2008-10-21 00:00:00
debian
debian
[SECURITY] [DSA 1695-1] New Ruby packages fix denial of service
2009-01-02 21:47:08
[SECURITY] [DSA 1652-1] New ruby1.9 packages fix several vulnerabilities
2008-10-12 09:37:58
[SECURITY] [DSA 1651-1] New ruby1.8 packages fix several vulnerabilities
2008-10-12 09:36:52
nvd
nvd
CVE-2008-3443
2008-08-14 23:41:00
CVE-2008-3655
2008-08-13 01:41:00
cvelist
cvelist
CVE-2008-3443
2008-08-14 23:00:00
CVE-2008-3655
2008-08-13 01:00:00
osv
osv
ruby1.8 ruby1.9 - denial of service
2009-01-02 00:00:00
ruby1.9 - several vulnerabilities
2008-10-12 00:00:00
ruby1.8 - several vulnerabilities
2008-10-12 00:00:00
seebug
seebug
Ruby regex.cθΏη¨ζη»ζε‘ζΌζ΄
2009-01-06 00:00:00
prion
prion
Design/Logic Flaw
2008-08-14 23:41:00
Design/Logic Flaw
2008-08-13 01:41:00
ubuntucve
ubuntucve
CVE-2008-3443
2008-08-14 00:00:00
CVE-2008-3655
2008-08-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:26:04
Access Control Bypass
2020-04-10 00:26:04
cve
cve
CVE-2008-3443
2008-08-14 23:41:00
CVE-2008-3655
2008-08-13 01:41:00
ubuntu
ubuntu
Ruby vulnerability
2008-12-16 00:00:00
Ruby vulnerabilities
2008-10-10 00:00:00
freebsd
freebsd
ruby -- multiple vulnerabilities in safe level
2008-08-08 00:00:00
ruby -- DoS vulnerability in WEBrick
2008-08-08 00:00:00
suse
suse
remote code execution in dhcp-client
2009-07-15 16:27:03
fedora
fedora
[SECURITY] Fedora 8 Update: ruby-1.8.6.287-2.fc8
2008-10-09 21:35:31
[SECURITY] Fedora 9 Update: ruby-1.8.6.287-2.fc9
2008-10-09 21:29:45
gentoo
gentoo
Ruby: Multiple vulnerabilities
2008-12-16 00:00:00
securityvulns
securityvulns
About the security content of Security Update 2009-002 / Mac OS X v10.5.7
2009-05-14 00:00:00