Synopsis: Critical: ruby security update
Advisory ID: SLSA-2013:1764-1
Issue Date: 2013-11-25
CVE Numbers: CVE-2013-4164
—
A buffer overflow flaw was found in the way Ruby parsed floating point
numbers from their text representation. If an application using Ruby
accepted untrusted input strings and converted them to floating point
numbers, an attacker able to provide such input could cause the
application to crash or, possibly, execute arbitrary code with the
privileges of the application. (CVE-2013-4164)
—
SL6
x86_64
ruby-1.8.7.352-13.el6.x86_64.rpm
ruby-debuginfo-1.8.7.352-13.el6.i686.rpm
ruby-debuginfo-1.8.7.352-13.el6.x86_64.rpm
ruby-devel-1.8.7.352-13.el6.i686.rpm
ruby-devel-1.8.7.352-13.el6.x86_64.rpm
ruby-irb-1.8.7.352-13.el6.x86_64.rpm
ruby-libs-1.8.7.352-13.el6.i686.rpm
ruby-libs-1.8.7.352-13.el6.x86_64.rpm
ruby-rdoc-1.8.7.352-13.el6.x86_64.rpm
ruby-docs-1.8.7.352-13.el6.x86_64.rpm
ruby-ri-1.8.7.352-13.el6.x86_64.rpm
ruby-static-1.8.7.352-13.el6.x86_64.rpm
ruby-tcltk-1.8.7.352-13.el6.x86_64.rpm
i386
ruby-1.8.7.352-13.el6.i686.rpm
ruby-debuginfo-1.8.7.352-13.el6.i686.rpm
ruby-devel-1.8.7.352-13.el6.i686.rpm
ruby-irb-1.8.7.352-13.el6.i686.rpm
ruby-libs-1.8.7.352-13.el6.i686.rpm
ruby-rdoc-1.8.7.352-13.el6.i686.rpm
ruby-docs-1.8.7.352-13.el6.i686.rpm
ruby-ri-1.8.7.352-13.el6.i686.rpm
ruby-static-1.8.7.352-13.el6.i686.rpm
ruby-tcltk-1.8.7.352-13.el6.i686.rpm
– Scientific Linux Development Team
