ruby, rubygem, rubygems security update

CentOS Errata and Security Advisory CESA-2018:0378 An update for ruby is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than...

Debian DSA-1652-1 : ruby1.9 - several vulnerabilities

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe...