MDVSA-2008:226
- Package name
- ruby
- Date
- 2008-11-06
- Advisory ID
- MDVSA-2008:226
- Affected versions
- CS4.0 i586, CS4.0 x86_64, 2008.0 i586, CS3.0 x86_64, 2008.0 x86_64, CS3.0 i586, 2008.1 x86_64, 2008.1 i586
Problem description
A denial of service condition was found in Ruby's regular expression
engine. If a Ruby script tried to process a large amount of data
via a regular expression, it could cause Ruby to enter an infinite
loop and crash (CVE-2008-3443).
A number of flaws were found in Ruby's safe-level mechanism. A carefully
crafted script could use them to bypass certain safe-level restrictions
(CVE-2008-3655).
A denial of service vulnerability was found in Ruby's HTTP server
toolkit, WEBrick. A remote attacker could send a specially-crafted
HTTP request to a WEBrick server that would cause it to use an
excessive amount of CPU time (CVE-2008-3656).
An insufficient taintness check issue was found in Ruby's DL module,
a module that provides direct access to the C language functions.
This flaw could be used by an attacker to bypass intended safe-level
restrictions by calling external C functions with the arguments from
an untrusted tainted input (CVE-2008-3657).
A denial of service condition in Ruby's XML document parsing module
(REXML) could cause a Ruby application using the REXML module to use
an excessive amount of CPU and memory when processing XML documents
with deeply recursive entity definitions (CVE-2008-3790).
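The upstream fix for this issue added a per-document cap on entity expansions (exposed as REXML::Document.entity_expansion_limit=, which current rexml versions also expose through REXML::Security). The following is an added example, not code from the advisory or from the Ruby project: it feeds rexml a small constructed nested-entity document (three levels of ten references, a miniature of the recursive pattern described above) and shows the same document being expanded under the default limit and rejected under a tightened one. The document content and the helper name expand_with_limit are assumptions made for the example.

```ruby
# Added example (not from the advisory): exercise rexml's entity expansion
# limit against a small nested-entity document, the pattern behind CVE-2008-3790.
require "rexml/document"

# Constructed sample: three nesting levels of ten references each, so reading
# &c; in the body costs 1 + 10 + 100 = 111 entity expansions and yields
# 1000 characters. A real attacker uses far deeper nesting for the same size.
NESTED_ENTITY_XML = <<~XML
  <?xml version="1.0"?>
  <!DOCTYPE lol [
    <!ENTITY a "aaaaaaaaaa">
    <!ENTITY b "&a;&a;&a;&a;&a;&a;&a;&a;&a;&a;">
    <!ENTITY c "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;">
  ]>
  <lol>&c;</lol>
XML

# Parse the document and force expansion of the root text under the given
# entity expansion limit. rexml expands entity references in text when the
# text is read (Element#text), so the read is part of the exercise.
# Returns [:ok, expanded_length] or [:rejected, error_message].
# The limit is restored afterwards because REXML::Security is process-global.
def expand_with_limit(xml, limit)
  previous = REXML::Security.entity_expansion_limit
  REXML::Security.entity_expansion_limit = limit
  doc = REXML::Document.new(xml)
  [:ok, doc.root.text.length]
rescue StandardError => e
  [:rejected, e.message]
ensure
  REXML::Security.entity_expansion_limit = previous
end

if __FILE__ == $PROGRAM_NAME
  p expand_with_limit(NESTED_ENTITY_XML, 10_000)  # rexml's default limit: expands
  p expand_with_limit(NESTED_ENTITY_XML, 50)      # tightened limit: rejected
end
```

The limit is a global knob, so an application that parses untrusted XML should set it once at startup to a value sized for the documents it actually expects, rather than relying on the default; the rejection surfaces as an ordinary exception that the caller must handle as a parse failure.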
The Ruby DNS resolver library used predictable transaction IDs and
a fixed source port when sending DNS requests. This could be used
by a remote attacker to spoof a malicious reply to a DNS query
(CVE-2008-3905).
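The remedy applied for this issue was to randomize both the transaction ID and the source port. The following is an added example, not code from the advisory or from Ruby's resolv.rb: it models a stub resolver's outstanding query as an (ID, port) pair, builds real wire-format queries and forged replies with Resolv::DNS::Message, and shows that an off-path attacker who has observed one (ID, port) pair can get a forged reply accepted against a sequential-ID, fixed-port generator but not against a randomized one. The Outstanding struct, the two generator classes, port 1234, the hostnames and the address 192.0.2.66 are all constructed for the example.

```ruby
# Added example (not from the advisory): why predictable transaction IDs plus a
# fixed source port let an off-path attacker spoof a DNS reply (CVE-2008-3905),
# beside the randomized alternative.
require "resolv"
require "securerandom"

# Assumed model of a stub resolver's outstanding query: the ID it put in the
# DNS header and the UDP source port the query left from.
Outstanding = Struct.new(:id, :port, :name)

# Weak generator in the spirit of the flaw: sequential IDs, one fixed port.
class PredictableIds
  def initialize(start_id: 1, port: 1234)
    @next_id = start_id
    @port = port
  end

  def next_query
    id = @next_id
    @next_id = (@next_id + 1) & 0xFFFF
    [id, @port]
  end
end

# Hardened generator: a CSPRNG 16-bit ID and a random ephemeral port, so a
# blind attacker must guess both instead of neither.
class RandomIds
  def next_query
    [SecureRandom.random_number(0x10000), SecureRandom.random_number(49152..65535)]
  end
end

# Build a wire-format A query for +name+ and record what the resolver must
# later match against.
def build_query(generator, name)
  id, port = generator.next_query
  msg = Resolv::DNS::Message.new(id)
  msg.rd = 1
  msg.add_question(name, Resolv::DNS::Resource::IN::A)
  [msg.encode, Outstanding.new(id, port, name)]
end

# Forge a response the way an off-path attacker would: guess the ID, repeat the
# question, and answer with an attacker-chosen address.
def forge_reply(guess_id, name, address)
  msg = Resolv::DNS::Message.new(guess_id)
  msg.qr = 1
  msg.add_question(name, Resolv::DNS::Resource::IN::A)
  msg.add_answer(name, 300, Resolv::DNS::Resource::IN::A.new(address))
  msg.encode
end

# The resolver's acceptance check: the datagram must arrive on the socket bound
# to the query's source port, carry the same ID, be a response, and repeat the
# question that was asked.
def accept_reply?(outstanding, dst_port, reply_bytes)
  reply = Resolv::DNS::Message.decode(reply_bytes)
  return false unless dst_port == outstanding.port
  return false unless reply.id == outstanding.id && reply.qr == 1
  reply.question.any? { |qname, _type| qname.to_s == outstanding.name }
end

# Attacker who learned (observed_id, observed_port) from a lookup they triggered
# themselves, then sends one forged reply aimed at the victim's next query.
def spoof_succeeds_after_observing?(generator, observed_id, observed_port)
  _query_bytes, victim = build_query(generator, "bank.example")
  forged = forge_reply((observed_id + 1) & 0xFFFF, "bank.example", "192.0.2.66")
  accept_reply?(victim, observed_port, forged)
end

if __FILE__ == $PROGRAM_NAME
  weak = PredictableIds.new(start_id: 41, port: 1234)
  _b, seen = build_query(weak, "attacker.example")
  puts "sequential ID, fixed port: spoof accepted = #{spoof_succeeds_after_observing?(weak, seen.id, seen.port)}"
  strong = RandomIds.new
  _b, seen = build_query(strong, "attacker.example")
  puts "random ID, random port:    spoof accepted = #{spoof_succeeds_after_observing?(strong, seen.id, seen.port)}"
end
```

The model deliberately keeps the check the resolver performs (port, ID, question) separate from how the ID and port are chosen: the check is the same in both cases, and the only thing that changes the attacker's odds from one guess to roughly 2^16 times 2^14 guesses is the entropy behind the two values.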
The updated packages have been patched to correct these issues.
Updated packages
CS4.0 i586
ea4101b61511cbd99ec83ee7f9c4e45b corporate/4.0/i586/ruby-1.8.2-7.8.20060mlcs4.i586.rpm
b2390656cf0a64924b2f2f8447201f07 corporate/4.0/i586/ruby-devel-1.8.2-7.8.20060mlcs4.i586.rpm
59ebdc2d52f835bbd0a30c06516e9188 corporate/4.0/i586/ruby-doc-1.8.2-7.8.20060mlcs4.i586.rpm
a5d04af4072f84a0fcd02e8367a6e895 corporate/4.0/i586/ruby-tk-1.8.2-7.8.20060mlcs4.i586.rpm
ba2d3c2e6e80eb1a75beef6974dc4ce8 corporate/4.0/SRPMS/ruby-1.8.2-7.8.20060mlcs4.src.rpm
CS4.0 x86_64
a3f6881a877878c369b44ebb7f4b19b6 corporate/4.0/x86_64/ruby-1.8.2-7.8.20060mlcs4.x86_64.rpm
173d10379f418d0ff45250428f4afb0b corporate/4.0/x86_64/ruby-devel-1.8.2-7.8.20060mlcs4.x86_64.rpm
4ac867f94c8edb8f905d3cb5baa38a70 corporate/4.0/x86_64/ruby-doc-1.8.2-7.8.20060mlcs4.x86_64.rpm
378b79e48075344eb0f4078e8a6a2b6b corporate/4.0/x86_64/ruby-tk-1.8.2-7.8.20060mlcs4.x86_64.rpm
ba2d3c2e6e80eb1a75beef6974dc4ce8 corporate/4.0/SRPMS/ruby-1.8.2-7.8.20060mlcs4.src.rpm
2008.0 i586
b0f0593d07a6631aaa701924c6beacff 2008.0/i586/ruby-1.8.6-5.3mdv2008.0.i586.rpm
7d914e909536c61b2ce0ad112229054c 2008.0/i586/ruby-devel-1.8.6-5.3mdv2008.0.i586.rpm
35ab076f8519d913074acb3f8add7365 2008.0/i586/ruby-doc-1.8.6-5.3mdv2008.0.i586.rpm
0e2b9e08dd9180b17391f0dc1d88bc64 2008.0/i586/ruby-tk-1.8.6-5.3mdv2008.0.i586.rpm
df8cd74ee6670f3f016c5e1b7912ba2a 2008.0/SRPMS/ruby-1.8.6-5.3mdv2008.0.src.rpm
CS3.0 x86_64
c64d31b7335cd132cc55b5cc0e83b29e corporate/3.0/x86_64/ruby-1.8.1-1.11.C30mdk.x86_64.rpm
3cca31c2e518eb9500c6961ed3b63952 corporate/3.0/x86_64/ruby-devel-1.8.1-1.11.C30mdk.x86_64.rpm
5e700cfbd59a963514bae93fb8d40dd7 corporate/3.0/x86_64/ruby-doc-1.8.1-1.11.C30mdk.x86_64.rpm
9358cc3244596e812a85e5ccf4d46f7e corporate/3.0/x86_64/ruby-tk-1.8.1-1.11.C30mdk.x86_64.rpm
1dfa0afea4caf035cd5ada43178c2ca6 corporate/3.0/SRPMS/ruby-1.8.1-1.11.C30mdk.src.rpm
2008.0 x86_64
198e6e4c2ae919c066d900e1d44a8ea6 2008.0/x86_64/ruby-1.8.6-5.3mdv2008.0.x86_64.rpm
fc7e8c154348d0921f0d2002f3ee0fa9 2008.0/x86_64/ruby-devel-1.8.6-5.3mdv2008.0.x86_64.rpm
62027ed3409c5f56d7a07128246bdd7e 2008.0/x86_64/ruby-doc-1.8.6-5.3mdv2008.0.x86_64.rpm
e624bee3bc855bbd2068b3c850601926 2008.0/x86_64/ruby-tk-1.8.6-5.3mdv2008.0.x86_64.rpm
df8cd74ee6670f3f016c5e1b7912ba2a 2008.0/SRPMS/ruby-1.8.6-5.3mdv2008.0.src.rpm
CS3.0 i586
e218f9c5549d5524a70fdc648be21766 corporate/3.0/i586/ruby-1.8.1-1.11.C30mdk.i586.rpm
c414540664946e719205cc8ca4263564 corporate/3.0/i586/ruby-devel-1.8.1-1.11.C30mdk.i586.rpm
34885696510659a992227caaffc7dbe2 corporate/3.0/i586/ruby-doc-1.8.1-1.11.C30mdk.i586.rpm
f226fe7a6ed268c96cc7ebba82552288 corporate/3.0/i586/ruby-tk-1.8.1-1.11.C30mdk.i586.rpm
1dfa0afea4caf035cd5ada43178c2ca6 corporate/3.0/SRPMS/ruby-1.8.1-1.11.C30mdk.src.rpm
2008.1 x86_64
a372532439a737e65f2685855d3c9109 2008.1/x86_64/ruby-1.8.6-9p114.2mdv2008.1.x86_64.rpm
7eaa8e8b04ad12d690f8e56fb90ada6f 2008.1/x86_64/ruby-devel-1.8.6-9p114.2mdv2008.1.x86_64.rpm
2d81cd9c9f1998c0cc18a188740b022d 2008.1/x86_64/ruby-doc-1.8.6-9p114.2mdv2008.1.x86_64.rpm
37bb46235a75babe11c37caa3e80169e 2008.1/x86_64/ruby-tk-1.8.6-9p114.2mdv2008.1.x86_64.rpm
eb601f21a3a04aaccd8fdd98f31c553e 2008.1/SRPMS/ruby-1.8.6-9p114.2mdv2008.1.src.rpm
2008.1 i586
f88546be7edc6f3801915cedd95fb1e0 2008.1/i586/ruby-1.8.6-9p114.2mdv2008.1.i586.rpm
000b10c2fbb34006a7222b1af111a42a 2008.1/i586/ruby-devel-1.8.6-9p114.2mdv2008.1.i586.rpm
3f84b7b9a3b7d293ae52464336bf7dc5 2008.1/i586/ruby-doc-1.8.6-9p114.2mdv2008.1.i586.rpm
88d2ae0a40e5614cde80ba249ff6fef9 2008.1/i586/ruby-tk-1.8.6-9p114.2mdv2008.1.i586.rpm
eb601f21a3a04aaccd8fdd98f31c553e 2008.1/SRPMS/ruby-1.8.6-9p114.2mdv2008.1.src.rpm
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3905
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3657
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3656
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3655
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443
