ruby security and bug fix update

2013-01-11T00:00:00
ID ELSA-2013-0129
Type oraclelinux
Reporter Oracle
Modified 2013-01-11T00:00:00

Description

[1.8.5-27] - unintentional file creation caused by inserting an illegal NUL character * ruby-1.8.6-CVE-2012-4522-io.c-pipe_open-command-name-should-not-contain-null-.patch - Related: rhbz#867750

[1.8.5-26] - escaping vulnerability about Exception#to_s / NameError#to_s * ruby-1.8.7-p371-CVE-2012-4481.patch - Resolves: rhbz#867750 - unintentional file creation caused by inserting an illegal NUL character * ruby-1.8.6-CVE-2012-4522-io.c-rb_open_file-should-check-NUL-in-path.patch - Resolves: rhbz#867750

[1.8.5-25] - Resolve buffer overflow causing gem installation issues. * ruby-1.8.7-syck-avoid-buffer-overflow.patch - Resolves: rhbz#834381