Ubuntu Update For Ruby1.9 Vulnerability USN-691-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-691-1

Solution

Please Install the Updated Packages.

Insight

Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service. (CVE-2008-3443) This update also fixes a regression in the upstream patch previously applied to fix CVE-2008-3790. The regression would cause parsing of some XML documents to fail.

Affected

ruby1.9 vulnerability on Ubuntu 8.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-December/000802.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-3443, CVE-2008-3790
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for bogofilter vulnerability USN-980-1
Ubuntu Update for curl USN-2058-1
Ubuntu Update for commons-daemon USN-1298-1
Ubuntu Update for bind9 vulnerabilities USN-1025-1
Ubuntu Update for acpi-support USN-2297-1

Ubuntu Update for ruby1.9 vulnerability USN-691-1

Take action and discover your vulnerabilities