Oracle Linux 6 : ruby (ELSA-2011-0910)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0910 advisory. - Address CVE-2011-1004 'Symlink race condition by removing directory trees in fileutils module' ruby-1.8.7-CVE-2011-1004.patch - Address CVE-2011-1005...

FreeBSD : ruby -- $SAFE escaping vulnerability about Exception#to_s/NameError#to_s (2a093853-2495-11e2-b0c7-000d601460a4)

The official ruby site reports : Vulnerabilities found for Exceptiontos, NameErrortos, and nameerrmesgtos which is Ruby interpreter-internal API. A malicious user code can bypass $SAFE check by utilizing one of those security holes. Ruby's $SAFE mechanism enables untrusted user codes to run in...

RHEL 6 : ruby (RHSA-2011:0910)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0910 advisory. - ruby: memory corruption in BigDecimal on 64bit platforms CVE-2011-0188 - Ruby: Symlink race condition by removing directory trees in...

RHEL 5 : ruby (RHSA-2011:0909)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0909 advisory. - ruby WEBrick log escape sequence CVE-2009-4492 - Ruby WEBrick javascript injection flaw CVE-2010-0541 - ruby: memory corruption in...

ruby security update

1.8.7.299-7.1 - Address CVE-2011-1004 'Symlink race condition by removing directory trees in fileutils module' ruby-1.8.7-CVE-2011-1004.patch - Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings' ruby-1.8.7-CVE-2011-1005.patch - Address CVE-2011-0188 'memory corruption in...