** Changed in: ruby1.9 (Ubuntu Dapper)
Status: Triaged = Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/241657
Title:
Multiple vulnerabilities in Ruby may lead to a denial of
** Branch linked: lp:ubuntu/dapper-updates/ruby1.8
** Branch linked: lp:~ubuntu-branches/ubuntu/feisty/ruby1.8/feisty-
security
** Branch linked: lp:ubuntu/hardy-updates/ruby1.8
** Branch linked: lp:ubuntu/gutsy-updates/ruby1.8
--
Multiple vulnerabilities in Ruby may lead to a denial of
The 18 month support period for Gutsy Gibbon 7.10 has reached its end of life -
http://www.ubuntu.com/news/ubuntu-7.10-eol . As a result, we are closing the
Gutsy task.
** Changed in: ruby1.9 (Ubuntu Gutsy)
Status: Triaged = Won't Fix
--
Multiple vulnerabilities in Ruby may lead to a
Ubuntu Feisty Fawn is no longer supported, so a SRU will not be issued
for this release. Marking Feisty as Won't Fix.
** Changed in: ruby1.9 (Ubuntu Feisty)
Status: Triaged = Won't Fix
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution
Please could someone mark this as Won't Fix for Feisty?
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
https://bugs.launchpad.net/bugs/241657
You received this bug notification because you are a member of Ubuntu
Bugs,
You can use Ruby 1.8.6 patch 111 in Ubuntu 8.10
See the article:
http://railsgeek.com/2008/11/27/ubuntu-8-10-downgrade-ruby-1-8-7-to-1-8-6
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
from http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-
rexml/
There is a DoS vulnerability in the REXML library used by Rails to parse
incoming XML requests. A so-called XML entity explosion attack technique can
be used for remotely bringing down (disabling) any application
** Changed in: ruby1.8 (Debian)
Status: New = Fix Released
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
https://bugs.launchpad.net/bugs/241657
You received this bug notification because you are a member of
** Changed in: ruby1.9 (Ubuntu Intrepid)
Status: In Progress = Fix Committed
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
https://bugs.launchpad.net/bugs/241657
You received this bug notification because you are
Fixed in ruby1.9 1.9.0.2-1ubuntu1
** Changed in: ruby1.9 (Ubuntu Intrepid)
Status: Fix Committed = Fix Released
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
https://bugs.launchpad.net/bugs/241657
You received
Removed CVE-2008-2727 and CVE-2008-2728 as they are for ruby1.6.
** Changed in: ruby1.8 (Ubuntu Dapper)
Status: In Progress = Fix Committed
** Changed in: ruby1.8 (Ubuntu Feisty)
Status: In Progress = Fix Committed
** Changed in: ruby1.8 (Ubuntu Gutsy)
Status: In Progress =
Intrepid not merged yet because there is a FTBFS (hang during 'make
test')
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
https://bugs.launchpad.net/bugs/241657
You received this bug notification because you are a member
This bug was fixed in the package ruby1.8 - 1.8.6.36-1ubuntu3.2
---
ruby1.8 (1.8.6.36-1ubuntu3.2) gutsy-security; urgency=low
* SECURITY UPDATE: denial of service or arbitrary code execution via
integer overflows and memory corruption
*
This bug was fixed in the package ruby1.8 - 1.8.5-4ubuntu2.2
---
ruby1.8 (1.8.5-4ubuntu2.2) feisty-security; urgency=low
* SECURITY UPDATE: denial of service or arbitrary code execution via
integer overflows and memory corruption
*
This bug was fixed in the package ruby1.8 - 1.8.6.111-2ubuntu1.1
---
ruby1.8 (1.8.6.111-2ubuntu1.1) hardy-security; urgency=low
* SECURITY UPDATE: denial of service or arbitrary code execution via
integer overflows and memory corruption
*
http://www.ubuntu.com/usn/usn-621-1
** Changed in: ruby1.8 (Ubuntu Dapper)
Status: Fix Committed = Fix Released
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
https://bugs.launchpad.net/bugs/241657
You received
** Changed in: ruby1.9 (Ubuntu Dapper)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
** Changed in: ruby1.9 (Ubuntu Feisty)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
** Changed in: ruby1.9 (Ubuntu Gutsy)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
**
Note that the fix released causes segmentation faults in Rails
applications.
The p231 and p230 corrections are faulty. See comments in this thread
http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-
vulnerabilities
There is a suggested fix there, however we really need a solution
** Changed in: ruby1.8 (Ubuntu Dapper)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
** Changed in: ruby1.8 (Ubuntu Feisty)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
** Changed in: ruby1.8 (Ubuntu Gutsy)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
**
** Changed in: ruby1.8 (Debian)
Status: Fix Released = New
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
https://bugs.launchpad.net/bugs/241657
You received this bug notification because you are a member of
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-2662
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-2663
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-2725
** CVE added: http://www.cve.mitre.org/cgi-
ruby1.8 is fixed in Intrepid due to a Debian sync.
** Changed in: ruby1.8 (Ubuntu)
Status: New = Fix Released
** Bug watch added: Debian Bug tracker #487238
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487238
** Also affects: ruby1.8 (Debian) via
** Changed in: ruby1.8 (Debian)
Status: Unknown = Fix Released
** Changed in: ruby1.9 (Debian)
Status: Unknown = Fix Released
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
I'm interested in a patch/update for Dapper LTS
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
https://bugs.launchpad.net/bugs/241657
You received this bug notification because you are a member of Ubuntu
Bugs, which is
** Also affects: ruby1.9 (Ubuntu)
Importance: Undecided
Status: New
--
Multiple vulnerabilities in Ruby may lead to a denial of service (DoS)
condition or allow execution of arbitrary code.
https://bugs.launchpad.net/bugs/241657
You received this bug notification because you are a
25 matches
Mail list logo
