[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 299-1] ruby1.8 security update



Package        : ruby1.8
Version        : 1.8.7.302-2squeeze5
CVE ID         : CVE-2009-5147

"sheepman" fixed a vulnerability in Ruby 1.8: DL::dlopen could open a library
with tainted name even if $SAFE > 0.

For Debian 6 “Squeeze”, this issue has been fixed in ruby1.8
1.8.7.302-2squeeze5.

Attachment: signature.asc
Description: Digital signature


Reply to: