MDVSA-2009:177
- Package name
- ruby
- Date
- 2009-07-29
- Advisory ID
- MDVSA-2009:177
- Affected versions
- MES5 i586 , MES5 x86_64
Problem description
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before
p173 allows context-dependent attackers to cause a denial of service
(application crash) via a string argument that represents a large
number, as demonstrated by an attempted conversion to the Float
data type.
This update corrects the problem.
Updated packages
MES5 i586
d522ab4a96f29c8ae4cb60c73e750457 mes5/i586/ruby-1.8.7-7p72.1mdvmes5.i586.rpm 9aa6efe7e8ee13bf9c718579e9248e55 mes5/i586/ruby-devel-1.8.7-7p72.1mdvmes5.i586.rpm c64ccd9e38432c5f035752d4b60acbf3 mes5/i586/ruby-doc-1.8.7-7p72.1mdvmes5.i586.rpm 670b08d1f4e72978ed94aaa8817f94a8 mes5/i586/ruby-tk-1.8.7-7p72.1mdvmes5.i586.rpm 81fa60b8e779527ab38e1f1e29fbbab7 mes5/SRPMS/ruby-1.8.7-7p72.1mdvmes5.src.rpm
MES5 x86_64
0956bc7cc93aa4e5d0f91b9b24932f64 mes5/x86_64/ruby-1.8.7-7p72.1mdvmes5.x86_64.rpm 0dd370e2bf7e06c17080c9c952a1b691 mes5/x86_64/ruby-devel-1.8.7-7p72.1mdvmes5.x86_64.rpm a43cd3b48a9c25d7e0263885034cf6a0 mes5/x86_64/ruby-doc-1.8.7-7p72.1mdvmes5.x86_64.rpm 033e65a325fe239f5ea24fa04fcbdf5e mes5/x86_64/ruby-tk-1.8.7-7p72.1mdvmes5.x86_64.rpm 81fa60b8e779527ab38e1f1e29fbbab7 mes5/SRPMS/ruby-1.8.7-7p72.1mdvmes5.src.rpm