|
|
Family: Debian Local Security Checks --> Category: infos
[DSA586] DSA-586-1 ruby Vulnerability Scan
Vulnerability Scan Summary
DSA-586-1 ruby
Detailed Explanation for this Vulnerability Test
The upstream developers of Ruby have corrected a problem in the CGI
module for this language. Specially crafted requests could cause an
infinite loop and thus cause the program to eat up cpu cycles.
For the stable distribution (woody) this problem has been fixed in
version 1.6.7-3woody4.
For the unstable distribution (sid) this problem has been fixed in
version 1.6.8-12 of ruby1.6 and in version 1.8.1+1.8.2pre2-4 of
ruby1.8.
We recommend that you upgrade your ruby packages.
Solution : http://www.debian.org/security/2004/dsa-586
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
