ruby security update

2008-10-21T00:00:00
ID ELSA-2008-0896
Type oraclelinux
Reporter Oracle
Modified 2008-10-21T00:00:00

Description

[1.6.8-13.el3] - security fixes. (#461578) - CVE-2008-3655: multiple insufficient safe mode restrictions - CVE-2008-3443: Memory allocation failure in Ruby regex engine (remotely exploitable DoS) - CVE-2008-3905: use of predictable source port and transaction id in DNS requests done by resolve.rb module.