ruby security update

2008-07-14T00:00:00
ID ELSA-2008-0562
Type oraclelinux
Reporter Oracle
Modified 2008-07-14T00:00:00

Description

[1.6.8-12.el3] - ruby-1.6.8-string-CVE-2008-2664.patch: wrong patch. Fix a segfault. [1.6.8-11.el3] - CVE-2008-2376: Integer overflow in rb_ary_fill(). [1.6.8-10.el3] - security fixes. (#451931) - CVE-2006-6303: Fix the infinite loop issue with the malformed multipart data in cgi.rb. - CVE-2008-2663: Fix the integer overflow in rb_ary_store(). - CVE-2008-2664: Fix the unsafe use of alloca in rb_str_format(). - CVE-2008-2727: Fix the integer overflow in rb_ary_replace(). - CVE-2008-2728: Fix the integer overflow in rb_ary_replace().