| Summary: | <dev-lang/ruby-{1.8.6_p388, 1.8.7_p249, 1.9.1_p378} webrick missing terminal escaping (CVE-2009-4492) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Alex Legler (RETIRED) <a3li> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | ruby |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/ | | |
| Whiteboard: | 1.8.x: A3? [glsa] 1.9.x: ~3? [noglsa] | | |
| Package list: | | Runtime testing required: | --- |
Description
Alex Legler (RETIRED)
2010-01-10 16:49:57 UTC
Arches, please test and mark stable: =app-admin/eselect-ruby-20091225 =dev-lang/ruby-1.8.6_p388 =dev-lang/ruby-1.8.7_p249

Target keywords: "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"

x86 stable

x86 stable

ppc and ppc64 done

Stable for HPPA.

alpha/arm/ia64/s390/sh/sparc stable

amd64 stable

YES. Removed vulnerable ebuilds, GLSA draft filed.

CVE-2009-4492 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4492): WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.

GLSA 201001-09 for Ruby 1.8.x.

Ruby 1.9.1 is hardmasked and suffering from a regression that needs to be addressed. Keeping the bug open until it is fixed.

1.9.1-p376 is in the tree.

1.9.x is masked and was never stable. Closing.
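The CVE text above describes the defect class (request-controlled bytes written to a log a terminal may later display). The following is an added example, not WEBrick's own fix or any Gentoo code, of escaping control characters in request-derived fields before an access-log line is built; `escape_log_field`, `build_access_log_line` and the sample request fields are hypothetical names and constructed data.

```ruby
# Hypothetical sanitizer: every control character (0x00-0x1f, 0x7f) and
# backslash is rendered visibly as \xNN (or \\), so a terminal tailing the
# log sees text rather than an escape sequence. Printable text passes through.
def escape_log_field(field)
  field.gsub(/[[:cntrl:]\\]/) do |ch|
    ch == "\\" ? "\\\\" : format("\\x%02X", ch.ord)
  end
end

# Builds a CLF-style access-log line from fields a server would extract
# from the request. sanitize: false reproduces the unescaped behaviour the
# advisory describes; the default escapes each field first.
def build_access_log_line(fields, sanitize: true)
  values = fields.transform_values(&:to_s)
  values = values.transform_values { |v| escape_log_field(v) } if sanitize
  format('%s - - "%s %s %s" %s',
         values[:remote_ip], values[:method], values[:path],
         values[:version], values[:status])
end

# Constructed request fields; the path carries an OSC title-change sequence
# (ESC ] 0 ; text BEL), the kind of input the advisory refers to.
SAMPLE_FIELDS = {
  remote_ip: "192.0.2.10",
  method: "GET",
  path: "/index.html\e]0;changed-title\a",
  version: "HTTP/1.1",
  status: 404,
}.freeze

# Detection helper for a log-review job: true when a line still contains
# bytes a terminal emulator would interpret.
def contains_control_chars?(line)
  line.match?(/[[:cntrl:]]/)
end

if __FILE__ == $PROGRAM_NAME
  puts "unsanitized: #{build_access_log_line(SAMPLE_FIELDS, sanitize: false).inspect}"
  puts "sanitized:   #{build_access_log_line(SAMPLE_FIELDS)}"
end
```

The same `contains_control_chars?` check can be run over existing access logs to find lines written by an unpatched server.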