Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2012-341-04
HistoryDec 07, 2012 - 3:51 a.m.

[slackware-security] ruby

2012-12-0703:51:38
Slackware Linux Project
www.slackware.com
15

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

77.5%

JSON

New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current
to fix security issues.

Here are the details from the Slackware 14.0 ChangeLog:

patches/packages/ruby-1.9.3_p327-i486-1_slack14.0.txz: Upgraded.
This release fixes a hash-flooding DoS vulnerability and many other bugs.
For more information, see:
https://vulners.com/cve/CVE-2012-5371
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ruby-1.9.3_p327-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ruby-1.9.3_p327-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ruby-1.9.3_p327-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ruby-1.9.3_p327-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ruby-1.9.3_p327-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ruby-1.9.3_p327-x86_64-1_slack14.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/ruby-1.9.3_p327-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/ruby-1.9.3_p327-x86_64-1.txz

MD5 signatures:

Slackware 13.1 package:
f068b60ce839e3ac94aee7466216c86c ruby-1.9.3_p327-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
58296a2d8ab490e22a9918c7fd587de6 ruby-1.9.3_p327-x86_64-1_slack13.1.txz

Slackware 13.37 package:
323bbc1ea3a430a8248810979e666281 ruby-1.9.3_p327-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
e1a3d37d058db4dc0a28a537b1c894c3 ruby-1.9.3_p327-x86_64-1_slack13.37.txz

Slackware 14.0 package:
bb4a5f20ed0a5e8a44c164ac1dfcff9f ruby-1.9.3_p327-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
7acfbb52a41f27b63002fdadf789a651 ruby-1.9.3_p327-x86_64-1_slack14.0.txz

Slackware -current package:
04e051d9f07ff4874c16544a63c2f9a5 d/ruby-1.9.3_p327-i486-1.txz

Slackware x86_64 -current package:
be1e77ca31b65eefdc6481e443de0b17 d/ruby-1.9.3_p327-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg ruby-1.9.3_p327-i486-1_slack14.0.txz

Related

nessus 10
fedora 5
openvas 16
freebsd 1
veracode 1
cve 2
ubuntucve 1
prion 1
securityvulns 3
rubygems 1
ubuntu 1
osv 1
debian 1
gentoo 1
redhat 1
nessus
nessus
FreeBSD : ruby -- Hash-flooding DoS vulnerability for ruby 1.9 (5e647ca3-2aea-11e2-b745-001fd0af1a4c)
2012-11-12 00:00:00
Fedora 18 : ruby-1.9.3.327-22.fc18 (2012-17949)
2012-11-26 00:00:00
Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2012-341-04)
2012-12-07 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: ruby-1.9.3.327-22.fc18
2012-11-23 07:52:57
[SECURITY] Fedora 17 Update: ruby-1.9.3.392-29.fc17
2013-03-05 23:33:43
[SECURITY] Fedora 17 Update: ruby-1.9.3.327-19.fc17
2012-11-19 02:26:49
openvas
openvas
FreeBSD Ports: ruby
2012-11-26 00:00:00
Slackware: Security Advisory (SSA:2012-341-04)
2022-04-21 00:00:00
FreeBSD Ports: ruby
2012-11-26 00:00:00
freebsd
freebsd
ruby -- Hash-flooding DoS vulnerability for ruby 1.9
2012-11-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:53:45
cve
cve
CVE-2012-5371
2012-11-28 13:03:00
CVE-2011-5371
2012-11-28 00:55:00
ubuntucve
ubuntucve
CVE-2012-5371
2012-11-28 00:00:00
prion
prion
Design/Logic Flaw
2012-11-28 13:03:00
securityvulns
securityvulns
Ruby multiple security vulnerabilities
2013-02-24 00:00:00
[USN-1733-1] Ruby vulnerabilities
2013-02-24 00:00:00
MurmurHash algorythm vulnerabilities
2012-12-03 00:00:00
rubygems
rubygems
CVE-2012-5371 ruby: Murmur hash-flooding DoS flaw in ruby 1.9 (oCERT-2012-001)
2012-11-22 20:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2013-02-21 00:00:00
osv
osv
ruby1.9.1 - security update
2015-07-01 00:00:00
debian
debian
[SECURITY] [DLA 263-1] ruby1.9.1 security update
2015-07-01 10:09:26
gentoo
gentoo
Ruby: Denial of service
2014-12-13 00:00:00
redhat
redhat
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

77.5%

JSON
Related for SSA-2012-341-04
nessus10fedora5openvas16freebsd1veracode1cve2ubuntucve1prion1securityvulns3rubygems1ubuntu1osv1debian1gentoo1redhat1