|
|
Family: Debian Local Security Checks --> Category: infos
[DSA1139] DSA-1139-1 ruby1.6 Vulnerability Scan
Vulnerability Scan Summary
DSA-1139-1 ruby1.6
Detailed Explanation for this Vulnerability Test
It was discovered that the interpreter for the Ruby language does not
properly maintain "safe levels" for aliasing, directory accesses and
regular expressions, which might lead to a bypass of security
restrictions.
For the stable distribution (sarge) this problem has been fixed in
version 1.6.8-12sarge2.
The unstable distribution (sid) does no longer contain ruby1.6 packages.
We recommend that you upgrade your Ruby packages.
Solution : http://www.debian.org/security/2006/dsa-1139
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
