‫ SUSE update for ruby

IRCAD2013123030
ID: IRCAD2013123030
Release Date: 2013-12-06
Criticality level: Highly critical
 
Software:
SUSE Linux Enterprise Server (SLES) 11
SUSE Studio Onsite 1.x
 
Description:
SUSE has issued an update for ruby. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
1) The vulnerability is caused due to a boundary error when parsing floating point numbers. This can be exploited to cause a buffer overflow.
 
Solution
Apply updated packages via the zypper package manager.
 
- WebYaST 1.3:
zypper in -t patch slewyst13-ruby-8578
- SUSE Studio Onsite 1.3:
zypper in -t patch slestso13-ruby-8578
- SUSE Linux Enterprise Software Development Kit 11 SP3:
zypper in -t patch sdksp3-ruby-8579
- SUSE Linux Enterprise Software Development Kit 11 SP2:
zypper in -t patch sdksp2-ruby-8578
- SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-ruby-8579
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-ruby-8579
- SUSE Linux Enterprise Server 11 SP2 for VMware:
zypper in -t patch slessp2-ruby-8578
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp2-ruby-8578
- SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-ruby-8579
- SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp2-ruby-8578
- SUSE Lifecycle Management Server 1.3:
zypper in -t patch sleslms13-ruby-8578
 
References:
SUSE-SU-2013:1828-1:
 
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 18 آذر 1392

امتیاز

امتیاز شما
تعداد امتیازها:0