Mandrake Security Advisory MDVSA-2009:177 (ruby)

The remote host is missing an update to ruby announced via advisory MDVSA-2009:177.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type. This update corrects the problem. Affected: Enterprise Server 5.0