|
|
Subscribe / Log in / New account

ruby: two access restriction bypass flaws

Package(s):ruby1.9.1 CVE #(s):CVE-2012-4464 CVE-2012-4466
Created:October 11, 2012 Updated:November 5, 2012
Description:

From the Ubuntu advisory:

Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. (CVE-2012-4464, CVE-2012-4466)

Alerts:
Mandriva MDVSA-2013:124 ruby 2013-04-10
openSUSE openSUSE-SU-2013:0376-1 ruby19 2013-03-01
Red Hat RHSA-2013:0582-01 openshift 2013-02-28
Ubuntu USN-1603-2 ruby1.8 2012-10-22
Ubuntu USN-1614-1 ruby1.9.1 2012-10-22
Mageia MGASA-2012-0294 ruby 2012-10-14
Fedora FEDORA-2012-15507 ruby 2012-10-14
Fedora FEDORA-2012-15395 ruby 2012-10-14
Ubuntu USN-1603-1 ruby1.8 2012-10-10
Ubuntu USN-1602-1 ruby1.9.1 2012-10-10
openSUSE openSUSE-SU-2012:1443-1 ruby 2012-11-05
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds