Gentoo has issued an advisory on July 9: http://www.gentoo.org/security/en/glsa/glsa-201207-06.xml This issue is fixed upstream in 1.6.5.1. Mageia 2 is also affected.
CC: (none) => dmorganec
Whiteboard: (none) => MGA2TOO
Also taking that one, thanks for the report. Regards,
Status: NEW => ASSIGNED
CC: (none) => shikamaru
Assignee: bugsquad => shikamaru
Red Hat has issued an advisory today (December 21): https://rhn.redhat.com/errata/RHSA-2012-1604.html This adds a new CVE for JRuby, CVE-2012-5370, fixed upstream in 1.7.1. From http://lwn.net/Vulnerabilities/530373/
Summary: jruby new security issue CVE-2011-4838 => jruby new security issues CVE-2011-4838 and CVE-2012-5370
Severity: normal => major
CC: (none) => fundawang
Package removed from Cauldron. Changing version assignment to Mageia 2 only.
Version: Cauldron => 2
Whiteboard: MGA2TOO => (none)
Closing this now due to Mageia 2 EOL. http://blog.mageia.org/en/2013/11/21/farewell-mageia-2/
Status: ASSIGNED => RESOLVED
Resolution: (none) => OLD
QA Contact: (none) => security