LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2006-1440 (ruby)



From:
    	      "Akira Tagoh" <tagoh@redhat.com>


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora Core 5 Update: ruby-1.8.5.2-1.fc5


Date:
    	      Mon, 11 Dec 2006 11:13:58 -0500


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-1440
2006-12-11
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : ruby
Version     : 1.8.5.2
Release     : 1.fc5
Summary     : An interpreter of object-oriented scripting language
Description :
Ruby is the interpreted scripting language for quick and easy
object-oriented programming.  It has many features to process text
files and to do system management tasks (as in Perl).  It is simple,
straight-forward, and extensible.

---------------------------------------------------------------------

* Mon Dec 11 2006 Akira TAGOH <tagoh@redhat.com> - 1.8.5.2-1
- security fix release. (#218289)
* Fri Oct 27 2006 Akira TAGOH <tagoh@redhat.com> - 1.8.5-1
- security fix release.
- ruby-1.8.5-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that
  causes the denial of service. (#212396)
- backport fixes from devel.
  - fixed rbconfig.rb to refer to DESTDIR for sitearchdir. (#207311)
  - updates to 1.8.5
    - removed the unnecessary patches:
      ruby-1.8.4-no-eaccess.patch, ruby-1.8.4-64bit-pack.patch,
      ruby-1.8.4-fix-insecure-dir-operation.patch,
      ruby-1.8.4-fix-insecure-regexp-modification.patch,
      ruby-1.8.4-fix-alias-safe-level.patch.
    - build with --enable-pthread except on ppc.
  - ruby-1.8.5-hash-memory-leak.patch: backported from CVS to fix a memory leak
    on Hash. [ruby-talk:211233]
  - owns sitearchdir. (#201208)
* Thu Jul 20 2006 Akira TAGOH <tagoh@redhat.com> - 1.8.4-8
- security fixes [CVE-2006-3694]
  - ruby-1.8.4-fix-insecure-dir-operation.patch:
  - ruby-1.8.4-fix-insecure-regexp-modification.patch: fixed the insecure
    operations in the certain safe-level restrictions. (#199538)
  - ruby-1.8.4-fix-alias-safe-level.patch: fixed to not bypass the certain
    safe-level restrictions. (#199543)
* Mon Jun 19 2006 Akira TAGOH <tagoh@redhat.com> - 1.8.4-7.fc5
- fixed the wrong file list again. moved tcltk library into ruby-tcltk.
  (#195872)
* Thu Jun  8 2006 Akira TAGOH <tagoh@redhat.com> - 1.8.4-5.fc5
- ruby-deprecated-search-path.patch: applied to add more search path
  for backward compatibility.
- added byacc to BuildReq.
- exclude ppc64 to make ruby-mode package. right now emacs.ppc64 isn't provided
  and buildsys became much stricter.
* Wed May 17 2006 Akira TAGOH <tagoh@redhat.com> - 1.8.4-4.fc5
- correct sitelibdir. (#184198)
- ruby-rubyprefix.patch: moved all arch-independent modules under /usr/lib/ruby
  and keep arch-dependent modules under /usr/lib64/ruby for 64bit archs.
  so 'rubylibdir', 'sitelibdir' and 'sitedir' in Config::CONFIG points to
  the kind of /usr/lib/ruby now. (#184199)
- ruby-deprecated-search-path.patch: added the deprecated installation paths
  to the search path for the backward compatibility.
- added a Provides: ruby(abi) to ruby-libs.
- ruby-1.8.4-64bit-pack.patch: backport patch from upstream to fix unpack("l")
  not working on 64bit arch and integer overflow on template "w". (#189350)
- updated License tag to be more comfortable, and with a pointer to get more
  details, like Python package does. (#179933)
- clean up.

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/u...

7ce81d3d2a19ce1b9c52b51fa04d1e8b1c8f7499  SRPMS/ruby-1.8.5.2-1.fc5.src.rpm
7ce81d3d2a19ce1b9c52b51fa04d1e8b1c8f7499  noarch/ruby-1.8.5.2-1.fc5.src.rpm
fffc6f292c90479b4882d006a1e61d1defe652b7  ppc/ruby-ri-1.8.5.2-1.fc5.ppc.rpm
c218e8195ff354bc48b49b0eecb9dc5180cc8393  ppc/ruby-rdoc-1.8.5.2-1.fc5.ppc.rpm
ec3b39b1f02c7a472f16a5f0b6ea762b6141c95f  ppc/ruby-libs-1.8.5.2-1.fc5.ppc.rpm
450fe21a323aca1197e05296753ff1a682232e5c  ppc/ruby-irb-1.8.5.2-1.fc5.ppc.rpm
6b7ae8911cd61643cd8b0b0b6a83fe35064daa6f  ppc/ruby-1.8.5.2-1.fc5.ppc.rpm
33691cebb4b6adab1339876dcdf1c80d6ba5cc12  ppc/ruby-devel-1.8.5.2-1.fc5.ppc.rpm
b49f473f686431cda259b9ad0fc3112c26faa901  ppc/ruby-mode-1.8.5.2-1.fc5.ppc.rpm
319da4b82d36f2b8001d6637ffb49551295de40a  ppc/ruby-tcltk-1.8.5.2-1.fc5.ppc.rpm
fffacda5a7a9c3b7e67da4c5311184ab88d89a09  ppc/debug/ruby-debuginfo-1.8.5.2-1.fc5.ppc.rpm
32d8c171fa5450b13966e2f45046db026868b325  ppc/ruby-docs-1.8.5.2-1.fc5.ppc.rpm
60750e80aeba7c65cc2437ec3197dd72ca456b1c  x86_64/ruby-irb-1.8.5.2-1.fc5.x86_64.rpm
f56285ca4e8e23e999d25982dce191ad91647801  x86_64/ruby-devel-1.8.5.2-1.fc5.x86_64.rpm
957b5d7fab1873e0d2aa300ca66a69d35d128eb4  x86_64/ruby-mode-1.8.5.2-1.fc5.x86_64.rpm
8a4991a738c757b60f84d99836eb9544e22fa1d3  x86_64/ruby-rdoc-1.8.5.2-1.fc5.x86_64.rpm
7ee23df67f795c6db0a61944f714140db56e7b44  x86_64/debug/ruby-debuginfo-1.8.5.2-1.fc5.x86_64.rpm
1493c4bc7d6427bc871ec2caebc378cd04943bfd  x86_64/ruby-1.8.5.2-1.fc5.x86_64.rpm
fcd748713afb8373778256f94075068a3ffe4d76  x86_64/ruby-ri-1.8.5.2-1.fc5.x86_64.rpm
4d26ca6f7f397593ac9350b4d7491344d4dffc17  x86_64/ruby-tcltk-1.8.5.2-1.fc5.x86_64.rpm
aabc208072b1aacb5b38416512c49f6c541a3c03  x86_64/ruby-libs-1.8.5.2-1.fc5.x86_64.rpm
7ea3434c13b7ccbf46a857950dcf360e271e72f3  x86_64/ruby-docs-1.8.5.2-1.fc5.x86_64.rpm
92713e123e949293e3b21e84d4b89aead6c63f56  i386/debug/ruby-debuginfo-1.8.5.2-1.fc5.i386.rpm
0eba418c244365612c006052aceaae3bbea6e99b  i386/ruby-1.8.5.2-1.fc5.i386.rpm
9fde02ec000fea4f1afbe7ed0251692c7fcc0ec2  i386/ruby-rdoc-1.8.5.2-1.fc5.i386.rpm
e9ccf8c7a58f5388be5d85726f718c48d1d0af11  i386/ruby-libs-1.8.5.2-1.fc5.i386.rpm
d4cb1fd7c1a643c7f6fc1c0e5f2ec78f147036c1  i386/ruby-tcltk-1.8.5.2-1.fc5.i386.rpm
90b7a6bd6a6f012b2cff021fea238ba81c8a8209  i386/ruby-mode-1.8.5.2-1.fc5.i386.rpm
df8af0fb438e5155127ce00d8329078108972fc9  i386/ruby-docs-1.8.5.2-1.fc5.i386.rpm
87931e5ecffbc0982fed03e8fbfbeda20505e75e  i386/ruby-devel-1.8.5.2-1.fc5.i386.rpm
21f187e12a24f41396c231298b10e79e9b268a87  i386/ruby-ri-1.8.5.2-1.fc5.i386.rpm
e2162b3e13fd4a418bd325f96352f7e13b7bb532  i386/ruby-irb-1.8.5.2-1.fc5.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds