Summary: | dev-lang/ruby: heap buffer overflow | | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | | |
Severity: | normal | CC: | ruby |
Priority: | Normal | | |
Version: | unspecified | | |
Hardware: | All | | |
OS: | Linux | | |
URL: | http://www.talosintelligence.com/reports/TALOS-2016-0032/ | | |
Whiteboard: | | | |
Package list: | | Runtime testing required: | --- |
Description
John Helmert III
2022-09-30 15:17:15 UTC
Looks to be fixed in https://github.com/ruby/ruby/commit/cc0313436160b735a3d41361cb5e3eeb10fcbdad which should be in ruby 2.4 and later, and possibly 2.3. The POC in the original bug report runs fine for me without crashes. Thanks!