|
|
| Problem Description |
A vulnerability was discovered in ruby version 1.8 that could allow for
the execution of arbitrary commands on a server running the ruby xmlrpc
server.
The updated packages have been patched to address this issue.
| Updated Packages |
Mandrakelinux 10.1
043863c657386a3854a0360efe400485 10.1/RPMS/ruby-1.8.1-4.3.101mdk.i586.rpm 2a8de5aaf553cae5ba5fc4ce64989c2a 10.1/RPMS/ruby-devel-1.8.1-4.3.101mdk.i586.rpm b05c05c460299fb987781b1a7bcb76a3 10.1/RPMS/ruby-doc-1.8.1-4.3.101mdk.i586.rpm a639754ad5ddec161d3e6310d2c8f597 10.1/RPMS/ruby-tk-1.8.1-4.3.101mdk.i586.rpm 6b8c255d78584b374868f68c0fba1f9a 10.1/SRPMS/ruby-1.8.1-4.3.101mdk.src.rpm
Mandrakelinux 10.1/X86_64
422ce1ef49205b71ec46cba5b324596e x86_64/10.1/RPMS/ruby-1.8.1-4.3.101mdk.x86_64.rpm 9cd8d758760b3a6f8e2d294b49974795 x86_64/10.1/RPMS/ruby-devel-1.8.1-4.3.101mdk.x86_64.rpm d1f77bd35fec7be67c174d421004cc99 x86_64/10.1/RPMS/ruby-doc-1.8.1-4.3.101mdk.x86_64.rpm ff201be467588f67119dac4c77d2451d x86_64/10.1/RPMS/ruby-tk-1.8.1-4.3.101mdk.x86_64.rpm 6b8c255d78584b374868f68c0fba1f9a x86_64/10.1/SRPMS/ruby-1.8.1-4.3.101mdk.src.rpm
Corporate Server 3.0
ee7b55f434cddfabbb51ff7de4b4300a corporate/3.0/RPMS/ruby-1.8.1-1.3.C30mdk.i586.rpm 8f30c891611ec8a94f2547ea9d6fc4f5 corporate/3.0/RPMS/ruby-devel-1.8.1-1.3.C30mdk.i586.rpm 82012434d3fe44cfd6d3f22643382134 corporate/3.0/RPMS/ruby-doc-1.8.1-1.3.C30mdk.i586.rpm fac1f5244b97d58523ddf13afa550889 corporate/3.0/RPMS/ruby-tk-1.8.1-1.3.C30mdk.i586.rpm 7781778b81a36b85cfb60424337ab463 corporate/3.0/SRPMS/ruby-1.8.1-1.3.C30mdk.src.rpm
Corporate Server 3.0/X86_64
8dccd5b797263c2784a6159bdf1b4614 x86_64/corporate/3.0/RPMS/ruby-1.8.1-1.3.C30mdk.x86_64.rpm 89b25dcefd9e99b9b67255f1ed862946 x86_64/corporate/3.0/RPMS/ruby-devel-1.8.1-1.3.C30mdk.x86_64.rpm 24559489e7e1aebe6f7f788caa31d0c3 x86_64/corporate/3.0/RPMS/ruby-doc-1.8.1-1.3.C30mdk.x86_64.rpm 2737e9bdaafe436bcec1a367d4c80c82 x86_64/corporate/3.0/RPMS/ruby-tk-1.8.1-1.3.C30mdk.x86_64.rpm 7781778b81a36b85cfb60424337ab463 x86_64/corporate/3.0/SRPMS/ruby-1.8.1-1.3.C30mdk.src.rpm
Mandriva Linux LE2005
1abe15ec37c10254da6f869a91f462d6 10.2/RPMS/ruby-1.8.2-6.1.102mdk.i586.rpm 69902e1e9f69fa0417de527b86b08129 10.2/RPMS/ruby-devel-1.8.2-6.1.102mdk.i586.rpm 79d13e6dc12446bf0d4ceba8f3891746 10.2/RPMS/ruby-doc-1.8.2-6.1.102mdk.i586.rpm 4d1bae45003f12c8f640354654d08c66 10.2/RPMS/ruby-tk-1.8.2-6.1.102mdk.i586.rpm 72470b9bdecc8085247dd3ea9bfd026e 10.2/SRPMS/ruby-1.8.2-6.1.102mdk.src.rpm
Mandriva Linux LE2005/X86_64
6defbc537392fd90ca86512ec16f84ba x86_64/10.2/RPMS/ruby-1.8.2-6.1.102mdk.x86_64.rpm 42f826518c7e2d7184409006156e85a1 x86_64/10.2/RPMS/ruby-devel-1.8.2-6.1.102mdk.x86_64.rpm be826ba64425c2b6257ae2106311c4ba x86_64/10.2/RPMS/ruby-doc-1.8.2-6.1.102mdk.x86_64.rpm a229474a25b363f856dc73999e620409 x86_64/10.2/RPMS/ruby-tk-1.8.2-6.1.102mdk.x86_64.rpm 72470b9bdecc8085247dd3ea9bfd026e x86_64/10.2/SRPMS/ruby-1.8.2-6.1.102mdk.src.rpm
| References |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1992
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.