ruby-devel-1.8.5-31.el5_9.i386
[559 KiB] |
Changelog
by Vít Ondruch (2013-07-08):
- Fix regression introduced by CVE-2013-4073
https://bugs.ruby-lang.org/issues/8575
* ruby-2.0.0-p255-Fix-SSL-client-connection-crash-for-SAN-marked-critical.patch
- Related: rhbz#979297
|
ruby-devel-1.8.5-31.el5_9.x86_64
[567 KiB] |
Changelog
by Vít Ondruch (2013-07-08):
- Fix regression introduced by CVE-2013-4073
https://bugs.ruby-lang.org/issues/8575
* ruby-2.0.0-p255-Fix-SSL-client-connection-crash-for-SAN-marked-critical.patch
- Related: rhbz#979297
|
ruby-devel-1.8.5-29.el5_9.x86_64
[567 KiB] |
Changelog
by Vít Ondruch (2013-02-28):
- Fix regression introduced by fix for entity expansion DOS vulnerability
in REXML (https://bugs.ruby-lang.org/issues/7961)
* ruby-2.0.0-add-missing-rexml-require.patch
- Related: rhbz#915377
|
ruby-devel-1.8.5-29.el5_9.i386
[558 KiB] |
Changelog
by Vít Ondruch (2013-02-28):
- Fix regression introduced by fix for entity expansion DOS vulnerability
in REXML (https://bugs.ruby-lang.org/issues/7961)
* ruby-2.0.0-add-missing-rexml-require.patch
- Related: rhbz#915377
|
ruby-devel-1.8.5-27.el5.x86_64
[566 KiB] |
Changelog
by Vít Ondruch (2012-10-25):
- unintentional file creation caused by inserting an illegal NUL character
* ruby-1.8.6-CVE-2012-4522-io.c-pipe_open-command-name-should-not-contain-null-.patch
- Related: rhbz#867750
|
ruby-devel-1.8.5-27.el5.i386
[558 KiB] |
Changelog
by Vít Ondruch (2012-10-25):
- unintentional file creation caused by inserting an illegal NUL character
* ruby-1.8.6-CVE-2012-4522-io.c-pipe_open-command-name-should-not-contain-null-.patch
- Related: rhbz#867750
|
ruby-devel-1.8.5-22.el5_7.1.x86_64
[565 KiB] |
Changelog
by Vít Ondruch (2012-01-17):
- Properly initialize the random number generator when forking new process
* ruby-1.8.7-CVE-2011-3009.patch
- Related: rhbz#768829
|
ruby-devel-1.8.5-22.el5_7.1.i386
[557 KiB] |
Changelog
by Vít Ondruch (2012-01-17):
- Properly initialize the random number generator when forking new process
* ruby-1.8.7-CVE-2011-3009.patch
- Related: rhbz#768829
|
ruby-devel-1.8.5-19.el5_6.1.i386
[556 KiB] |
Changelog
by Vít Ondruch (2011-05-02):
- Address CVE-2011-1004 "Symlink race condition by removing directory trees in
fileutils module"
* ruby-1.8.7-CVE-2011-1004.patch
- Address CVE-2011-1005 "Untrusted codes able to modify arbitrary strings"
* ruby-1.8.7-CVE-2011-1005.patch
- Address CVE-2011-0188 "memory corruption in BigDecimal on 64bit platforms"
* ruby-1.8.7-CVE-2011-0188.patch
- Address CVE-CVE-2010-0541 "Ruby WEBrick javascript injection flaw"
* ruby-1.8.7-CVE-2010-0541.patch
- Address CVE-CVE-2009-4492 "ruby WEBrick log escape sequence"
* ruby-1.8.6-CVE-2009-4492.patch
- Resolves: rhbz#709957
|
ruby-devel-1.8.5-19.el5_6.1.x86_64
[564 KiB] |
Changelog
by Vít Ondruch (2011-05-02):
- Address CVE-2011-1004 "Symlink race condition by removing directory trees in
fileutils module"
* ruby-1.8.7-CVE-2011-1004.patch
- Address CVE-2011-1005 "Untrusted codes able to modify arbitrary strings"
* ruby-1.8.7-CVE-2011-1005.patch
- Address CVE-2011-0188 "memory corruption in BigDecimal on 64bit platforms"
* ruby-1.8.7-CVE-2011-0188.patch
- Address CVE-CVE-2010-0541 "Ruby WEBrick javascript injection flaw"
* ruby-1.8.7-CVE-2010-0541.patch
- Address CVE-CVE-2009-4492 "ruby WEBrick log escape sequence"
* ruby-1.8.6-CVE-2009-4492.patch
- Resolves: rhbz#709957
|