| Field | Value |
|---|---|
| Summary | <dev-lang/ruby-{2.0.0_p648,2.1.9,2.2.4}: Unsafe tainted string usage in Fiddle and DL (CVE-2015-7551) |
| Product | Gentoo Security |
| Component | Vulnerabilities |
| Reporter | Hans de Graaff <graaff> |
| Assignee | Gentoo Security <security> |
| CC | ruby |
| Status | RESOLVED FIXED |
| Severity | normal |
| Priority | Normal |
| Version | unspecified |
| Hardware | All |
| OS | Linux |
| URL | https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/ |
| Whiteboard | B3 [noglsa] |
| Package list | |
| Runtime testing required | --- |
| Bug Depends on | 564272 |
| Bug Blocks | |

Description
Hans de Graaff
2015-12-17 07:28:03 UTC
ruby-2.0.0_p648, ruby-2.1.8, and ruby-2.2.4 have been added. Please wait with stabilization until https://bugs.gentoo.org/show_bug.cgi?id=564272#c10 has been investigated and resolved.

Thanks for the report.

Any updates on this?

No feedback on the bug that was blocking and no further cases, so let's continue. Arches, please test and mark stable:
=dev-lang/ruby-2.0.0_p648
=dev-lang/ruby-2.1.9

Both stable on alpha.

amd64 stable

x86 stable

Stable for PPC64.

arm stable

Stable for HPPA.

ppc stable

sparc stable

ia64 stable. Maintainer(s), please cleanup. Security, please vote.

Vulnerable versions have been removed.

GLSA Vote: No.