[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1584-1] ruby-i18n security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : ruby-i18n
Version        : 0.6.9-2+deb8u1
CVE ID         : CVE-2014-10077
Debian Bug     : #913093

It was discovered that there was a remote denial-of-service vulnerability
in ruby-i18n, a I18n and localization solution for Ruby.

An application crash could be engineering a situation where `:some_key` is
present in the `keep_keys` structure but not present in the hash.

For Debian 8 "Jessie", this issue has been fixed in ruby-i18n version
0.6.9-2+deb8u1.

We recommend that you upgrade your ruby-i18n packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlv1JIIACgkQHpU+J9Qx
HlgpiQ/+J7IlWMZcUr00qRKpShdJviGrhcYow4a7chQ5wKGIn4x/KnOfy/B9f3Zh
JAYtfFpMmPZIfvybrKAKABqz+kaKQ4h5jOE6iAT7qKLK3m671M/reMX3O5NU/n4c
XjWxmXB8IC1KyyX1bFSckS8cDXqSdkuTTcSIOi1TMjbhJ9kVVo78i7PHIjqtYlNY
Q5yFA5Mx6hdGEgK0XZ1nStr2o+FuI/NVcB7+ZyxigzPgoJYbBUf/LXA8m9lrFiL/
WDLMO+P5KlwIgY1Gwvh3T1Z0oVnd7llHOoo+wHevD8rn3o15/YHInJIod2mAgdOB
oEMxIG04dI/pWeTP2ktuA8Wa+RmcWGXUBSGpR6dcB4S+w9M4BLadjMwFIXo93MaD
h2zH+pH86YyamradQ7adF008wZHLyeWUvnFskjzBElnfSQ1vWr/m91kPgs2bVSLK
wkq0zRY77drOKGufVW0o1v9YPEjbqcgAKk8xf56uc202pCAfa5Uo2TtTSu+mlwKl
J8UNR2iI2xUlsa7T23eQRnUNaAeO7WxJFgZONa9pXiM1+NdpDUfbfFpnkuTYYoy7
YvyvvWIJ4RcgZksLrpz0Z2YdW+8J2mSGXMdJFD7xd9xHRmu8HGjVU12s9nVf1YI9
MfBCfgBEDlHt7L20UYTxi1Jv7Dw6dr+NtBJFYNJiWuG7gHbZ4lI=
=L1yK
-----END PGP SIGNATURE-----


Reply to: