
[USN-1377-1] Ruby vulnerabilities

Posted on 28 February 2012
Ubuntu Security

============================================================================
Ubuntu Security Notice USN-1377-1
February 28, 2012

ruby1.8 vulnerabilities
============================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in ruby1.8.

Software Description:
- ruby1.8: Interpreter of object-oriented scripting language Ruby 1.8

Details:

Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site
scripting attacks when displaying error pages. A remote attacker could use this
flaw to run arbitrary web script. (CVE-2010-0541)

Drew Yao discovered that Ruby's BigDecimal module did not properly allocate
memory on 64-bit platforms. An attacker could use this flaw to cause a denial
of service or possibly execute arbitrary code with user privileges.
(CVE-2011-0188)

Nicholas Jefferson discovered that the FileUtils.remove_entry_secure method in
Ruby did not properly remove non-empty directories. An attacker could use this
flaw to possibly delete arbitrary files. (CVE-2011-1004)

It was discovered that Ruby incorrectly allowed untainted strings to be
modified in protective safe levels. An attacker could use this flaw to bypass
intended access restrictions. (CVE-2011-1005)

Eric Wong discovered that Ruby does not properly reseed its pseudorandom number
generator when creating child processes. An attacker could use this flaw to
gain knowledge of the random numbers used in other Ruby child processes.
(CVE-2011-2686)

Eric Wong discovered that the SecureRandom module in Ruby did not properly seed
its pseudorandom number generator. An attacker could use this flaw to gain
knowledge of the random numbers used by another Ruby process with the same
process ID number. (CVE-2011-2705)

Alexander Klink and Julian Wälde discovered that Ruby computed hash values
without restricting the ability to trigger hash collisions predictably. A
remote attacker could cause a denial of service by crafting values used in hash
tables. (CVE-2011-4815)
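The three randomness-related items above (PRNG state surviving fork, SecureRandom seeding, and predictable hash values) can be probed from the outside without reading interpreter source. The script below is an added example written for this page; it is not Ubuntu's or the Ruby project's code, and the helper names (`collect_from_children`, `rand_reseeded_on_fork?`, `securerandom_reseeded_on_fork?`, `rand_with_explicit_reseed`, `hash_seed_randomized?`) are hypothetical. It assumes a POSIX platform with `fork` and a modern MRI; on a patched interpreter every check is expected to return true, while an interpreter that copies PRNG state into its children would fail the first two. The explicit `srand` in `rand_with_explicit_reseed` shows the application-level mitigation for that case.

```ruby
require 'securerandom'
require 'rbconfig'

# Hypothetical helper (not part of the advisory): fork `n` children, have each
# evaluate the block, and hand the results back to the parent through a pipe.
def collect_from_children(n)
  Array.new(n) do
    reader, writer = IO.pipe
    pid = fork do
      reader.close
      writer.write(Marshal.dump(yield))
      writer.close
      exit!(0) # skip at_exit handlers inherited from the parent
    end
    writer.close
    result = Marshal.load(reader.read)
    reader.close
    Process.wait(pid)
    result
  end
end

# Check 1 (CVE-2011-2686): does each forked child draw a fresh Kernel#rand
# stream? True when no two children produced the same value.
def rand_reseeded_on_fork?(children = 4)
  values = collect_from_children(children) { rand(2**62) }
  values.uniq.size == values.size
end

# Check 2 (CVE-2011-2705): the same question for SecureRandom.
def securerandom_reseeded_on_fork?(children = 4)
  values = collect_from_children(children) { SecureRandom.hex(16) }
  values.uniq.size == values.size
end

# Mitigation when the interpreter does copy PRNG state into the child:
# reseed explicitly from the OS entropy source before the first draw.
def rand_with_explicit_reseed(children = 4)
  collect_from_children(children) do
    srand(SecureRandom.random_number(2**62)) # constructed seed from OS entropy
    rand(2**62)
  end
end

# Check 3 (CVE-2011-4815): is the hash seed randomised per process? Forked
# children inherit the parent's seed, so start fresh interpreters instead and
# compare String#hash for a constructed probe key.
def hash_seed_randomized?(runs = 3)
  hashes = Array.new(runs) do
    IO.popen([RbConfig.ruby, '-e', 'print "collision-probe".hash']) { |io| io.read }
  end
  hashes.uniq.size == hashes.size
end

if __FILE__ == $0
  puts "rand reseeded on fork:         #{rand_reseeded_on_fork?}"
  puts "SecureRandom reseeded on fork: #{securerandom_reseeded_on_fork?}"
  puts "explicit reseed distinct:      #{rand_with_explicit_reseed.uniq.size == 4}"
  puts "hash seed randomised:          #{hash_seed_randomized?}"
end
```

Run it with the interpreter under test (`ruby probe.rb`); `RbConfig.ruby` makes the hash-seed check spawn that same binary, so the result reflects the installed package rather than whatever `ruby` is first on the PATH.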

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
libruby1.8 1.8.7.352-2ubuntu0.1
ruby1.8 1.8.7.352-2ubuntu0.1

Ubuntu 11.04:
libruby1.8 1.8.7.302-2ubuntu0.1
ruby1.8 1.8.7.302-2ubuntu0.1

Ubuntu 10.10:
libruby1.8 1.8.7.299-2ubuntu0.1
ruby1.8 1.8.7.299-2ubuntu0.1

Ubuntu 10.04 LTS:
libruby1.8 1.8.7.249-2ubuntu0.1
ruby1.8 1.8.7.249-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1377-1
CVE-2010-0541, CVE-2011-0188, CVE-2011-1004, CVE-2011-1005,
CVE-2011-2686, CVE-2011-2705, CVE-2011-4815

Package Information:
https://launchpad.net/ubuntu/+source/ruby1.8/1.8.7.352-2ubuntu0.1
https://launchpad.net/ubuntu/+source/ruby1.8/1.8.7.302-2ubuntu0.1
https://launchpad.net/ubuntu/+source/ruby1.8/1.8.7.299-2ubuntu0.1
https://launchpad.net/ubuntu/+source/ruby1.8/1.8.7.249-2ubuntu0.1
