[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 300-1] ruby1.9.1 security update



Package        : ruby1.9.1
Version        : 1.9.2.0-2+deb6u7
CVE ID         : CVE-2009-5147

"sheepman" fixed a vulnerability in Ruby 1.9.1: DL::dlopen could open a
library with tainted name even if $SAFE > 0.

For Debian 6 “Squeeze”, this issue has been fixed in ruby1.9.1
1.9.2.0-2+deb6u7

Attachment: signature.asc
Description: Digital signature


Reply to: