Bug 9160 - ruby new security issues fixed in 1.9.3-p392
Summary: ruby new security issues fixed in 1.9.3-p392
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Funda Wang
QA Contact:
URL: http://www.ruby-lang.org/en/news/2013...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-02-22 18:51 CET by David Walser
Modified: 2013-02-26 12:39 CET (History)
0 users

See Also:
Source RPM: ruby
CVE:
Status comment:


Attachments

Description David Walser 2013-02-22 18:51:50 CET
A new minor update to ruby 1.9 was announced today (February 22):
http://www.ruby-lang.org/en/news/2013/02/22/ruby-1-9-3-p392-is-released/

It fixes the ruby-json vulnerability in the bundled copy (CVE-2013-0269) as well as a new DoS vulnerability in REXML which doesn't have a CVE yet:
http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2013-02-26 12:39:43 CET
Fixed by Funda in ruby-1.9.3.p392-1.mga3.

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.