Please support VectorLinux!

Author Topic: 090113 ruby-1.8.6-p187 closes a known security vulnerabilty [VL 5.9, VL 6.0]  (Read 2565 times)

caitlyn

  • Packager
  • Vectorian
  • ****
  • Posts: 2876
    • The Linux Works
A new, patched version of Ruby is available for VL 5.9, VL 5.9.1, and VL 6.0.  This version "fixes several bugs in the previous Ruby update, including a security issue where the DNS resolver did not randomize the source port and  transaction id sufficiently."  For details see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754

A new package for VL 5.9 is currently in the testing repository.  A VL 6.0 package will be available later this evening.
eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1