August 11, 2009

Debian Security Advisory 1860 ruby1.8, ruby1.9 - several vulnerabilities

Article Source Debian Security Advisories
August 11, 2009, 5:00 pm

Several vulnerabilities have been discovered in Ruby. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2009-0642

    The return value from the OCSP_basic_verify function was not checked properly, allowing continued use of a revoked certificate.

  • CVE-2009-1904

    An issue in parsing BigDecimal numbers can result in a denial-of-service condition (crash)...

Click Here!