There is an unsafe tainted string usage vulnerability in Fiddle and DL. This vulnerability has been assigned the CVE identifier CVE-2015-7551. Details There is an unsafe tainted string vulnerability in Fiddle and DL. This issue was originally reported and fixed with CVE-2009-5147 in DL, but reappeared after DL was reimplemented using Fiddle and libffi. And, about DL, CVE-2009-5147 was fixed at Ruby 1.9.1, but not fixed at other branches, then rubies which bundled DL except Ruby 1.9.1 are still vulnerable. Impacted code looks something like this: handle = Fiddle::Handle.new(dangerous_user_input) Or: handle = Fiddle::Handle.new(some_library) function_pointer = handle[dangerous_user_input] All users running an affected release should either upgrade or use one of the work arounds immediately. Affected Versions All patch releases of Ruby 1.9.2 and Ruby 1.9.3 (DL and Fiddle). All patch releases of Ruby 2.0.0 prior to Ruby 2.0.0 patchlevel 648 (DL and Fiddle). All versions of Ruby 2.1 prior to Ruby 2.1.8 (DL and Fiddle). All versions of Ruby 2.2 prior to Ruby 2.2.4 (Fiddle). Ruby 2.3.0 preview 1 and preview 2 (Fiddle). prior to trunk revision 53153 (Fiddle).
ruby-2.0.0_p648, ruby-2.1.8, and ruby-2.2.4 have been added. Please wait with stabilization until https://bugs.gentoo.org/show_bug.cgi?id=564272#c10 has been investigated and resolved.
Thanks for the report
Any updates on this?
No feedback on the bug that was blocking and no further cases, so lets continue. Arches, please test and mark stable: =dev-lang/ruby-2.0.0_p648 =dev-lang/ruby-2.1.9
Both stable on alpha.
amd64 stable
x86 stable
Stable for PPC64.
arm stable
Stable for HPPA.
ppc stable
sparc stable
ia64 stable. Maintainer(s), please cleanup. Security, please vote.
Vulnerable versions have been removed.
GLSA Vote: No.
