[SECURITY] [DLA 299-1] ruby1.8 security update

2015-08-26T12:22:22
ID DEBIAN:DLA-299-1:9179A
Type debian
Reporter Debian
Modified 2015-08-26T12:22:22

Description

Package : ruby1.8 Version : 1.8.7.302-2squeeze5 CVE ID : CVE-2009-5147

"sheepman" fixed a vulnerability in Ruby 1.8: DL::dlopen could open a library with tainted name even if $SAFE > 0.

For Debian 6 “Squeeze”, this issue has been fixed in ruby1.8 1.8.7.302-2squeeze5.