MDKSA-2004:128
- Package name
- ruby
- Date
- 2004-11-08
- Advisory ID
- MDKSA-2004:128
- Affected versions
- 9.2 amd64 , CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , 9.2 i586 , CS2.1 i586 , 10.1 x86_64
Problem description
Andres Salomon noticed a problem with the CGI session management in Ruby. The CGI:Session's FileStore implementations store session information in an insecure manner by just creating files and ignoring permission issues (CAN-2004-0755). The ruby developers have corrected a problem in the ruby CGI module that can be triggered remotely and cause an inifinite loop on the server (CAN-2004-0983). The updated packages are patched to prevent these problems.
Updated packages
9.2 amd64
c4d3b440f5c11465b8d496bf4f531df4 amd64/9.2/RPMS/ruby-1.8.0-4.2.92mdk.amd64.rpm ca6c4b4aac7aa3d091ef62f0cefa3820 amd64/9.2/RPMS/ruby-devel-1.8.0-4.2.92mdk.amd64.rpm ce56f743c39e354939ff4ca43f288d14 amd64/9.2/RPMS/ruby-doc-1.8.0-4.2.92mdk.amd64.rpm 096e63f35549468726f50ffe2bfa28e7 amd64/9.2/RPMS/ruby-tk-1.8.0-4.2.92mdk.amd64.rpm 95e4882f99900e40a8e9680ecf5d08e1 amd64/9.2/SRPMS/ruby-1.8.0-4.2.92mdk.src.rpm
CS2.1 x86_64
175f8a45c99de3487df134df6fb22ef4 x86_64/corporate/2.1/RPMS/ruby-1.6.7-5.2.C21mdk.x86_64.rpm 1d303628932bff75f684be71a6e453f1 x86_64/corporate/2.1/RPMS/ruby-devel-1.6.7-5.2.C21mdk.x86_64.rpm a937b87c10e5f3ecb41610e64b09c9ba x86_64/corporate/2.1/RPMS/ruby-doc-1.6.7-5.2.C21mdk.x86_64.rpm 40a44ec634f8929394835d5c561ad212 x86_64/corporate/2.1/RPMS/ruby-tk-1.6.7-5.2.C21mdk.x86_64.rpm 451b383b9a34d35fb11bab1e917437de x86_64/corporate/2.1/SRPMS/ruby-1.6.7-5.2.C21mdk.src.rpm
10.0 amd64
a264a378c30202cea578c9a4594b3eeb amd64/10.0/RPMS/ruby-1.8.1-1.2.100mdk.amd64.rpm 37bfe093ef80363bedba7b2dadf51bd6 amd64/10.0/RPMS/ruby-devel-1.8.1-1.2.100mdk.amd64.rpm f87a35ff158820c1e237306a76ad45c2 amd64/10.0/RPMS/ruby-doc-1.8.1-1.2.100mdk.amd64.rpm c2bed939a9ca7da197f949b71a3a1687 amd64/10.0/RPMS/ruby-tk-1.8.1-1.2.100mdk.amd64.rpm 35abe65664a41317a279ef320d56ac46 amd64/10.0/SRPMS/ruby-1.8.1-1.2.100mdk.src.rpm
10.1 i586
101f9a5772044b5267a1be98b36dcac5 10.1/RPMS/ruby-1.8.1-4.2.101mdk.i586.rpm 72c1c8413c801e599dfc174041754384 10.1/RPMS/ruby-devel-1.8.1-4.2.101mdk.i586.rpm b9c6fce1facc4bdbf829435b6075d266 10.1/RPMS/ruby-doc-1.8.1-4.2.101mdk.i586.rpm b2f516a033fb089f5a5819dcb9f2a38c 10.1/RPMS/ruby-tk-1.8.1-4.2.101mdk.i586.rpm d356531e89645a5aa9e2f5ad7dac55dd 10.1/SRPMS/ruby-1.8.1-4.2.101mdk.src.rpm
10.0 i586
78ad14ec966b0555089e94ad19604b44 10.0/RPMS/ruby-1.8.1-1.2.100mdk.i586.rpm 33d12ff3583ced4c88be97fb473b0813 10.0/RPMS/ruby-devel-1.8.1-1.2.100mdk.i586.rpm 776bfc4df4f2c093efceebe470391707 10.0/RPMS/ruby-doc-1.8.1-1.2.100mdk.i586.rpm 890a20e02c7f46b47adf6a8f78223659 10.0/RPMS/ruby-tk-1.8.1-1.2.100mdk.i586.rpm 35abe65664a41317a279ef320d56ac46 10.0/SRPMS/ruby-1.8.1-1.2.100mdk.src.rpm
9.2 i586
6f8ee2c9308debe5b391b322f93e9524 9.2/RPMS/ruby-1.8.0-4.2.92mdk.i586.rpm 58cabdd982a8c760e7af0fb5e81d9dc7 9.2/RPMS/ruby-devel-1.8.0-4.2.92mdk.i586.rpm c7b7d678f4cb76b79996380f2f04a747 9.2/RPMS/ruby-doc-1.8.0-4.2.92mdk.i586.rpm c613fe92253fdfe9f581eb0af17f75d1 9.2/RPMS/ruby-tk-1.8.0-4.2.92mdk.i586.rpm 95e4882f99900e40a8e9680ecf5d08e1 9.2/SRPMS/ruby-1.8.0-4.2.92mdk.src.rpm
CS2.1 i586
8467a2a206b02e729e39601e1762af1c corporate/2.1/RPMS/ruby-1.6.7-5.2.C21mdk.i586.rpm 236abcc01b4cabc4f70bbf76d73a604b corporate/2.1/RPMS/ruby-devel-1.6.7-5.2.C21mdk.i586.rpm 47155447664218a143dca3f9c03c1316 corporate/2.1/RPMS/ruby-doc-1.6.7-5.2.C21mdk.i586.rpm 97ca9727e9f927e30723eeda3a935568 corporate/2.1/RPMS/ruby-tk-1.6.7-5.2.C21mdk.i586.rpm 451b383b9a34d35fb11bab1e917437de corporate/2.1/SRPMS/ruby-1.6.7-5.2.C21mdk.src.rpm
10.1 x86_64
dc340846e8c30a4ef9115eb7e20520c3 x86_64/10.1/RPMS/ruby-1.8.1-4.2.101mdk.x86_64.rpm 234644faf341899ae3f251cbfb09f0da x86_64/10.1/RPMS/ruby-devel-1.8.1-4.2.101mdk.x86_64.rpm b4b7876cc7762e09469e2d60ccb7f4f2 x86_64/10.1/RPMS/ruby-doc-1.8.1-4.2.101mdk.x86_64.rpm 4177169d6970c4dd3210ca8a15cffead x86_64/10.1/RPMS/ruby-tk-1.8.1-4.2.101mdk.x86_64.rpm d356531e89645a5aa9e2f5ad7dac55dd x86_64/10.1/SRPMS/ruby-1.8.1-4.2.101mdk.src.rpm