[FEDORA-2011-1913] Fedora 13: ruby
Severity
Medium
Affected Packages
1
CVEs
3
Two patches backported from 1.8.7 branch, for
Symlink race condition in FileUtils.remove_entry_secure
bypass of $SAFE mechanism in Exception#to_s
Package | Affected Version |
---|---|
pkg:rpm/fedora/ruby?distro=fedora-13 | < 1.8.6.420.2.fc13 |
- ID
- FEDORA-2011-1913
- Severity
- medium
- Severity from
- CVE-2011-1004
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2011-1913
- Published
-
2011-03-02T01:46:19
(13 years ago) - Modified
-
2011-03-02T01:46:19
(13 years ago) - Rights
- Copyright 2011 Red Hat, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 678920 | Bug #678920 - CVE-2011-1005 Ruby: Untrusted codes able to modify arbitrary strings | https://bugzilla.redhat.com/show_bug.cgi?id=678920 |
Bugzilla | 678913 | Bug #678913 - CVE-2011-1004 Ruby: Symlink race condition by removing directory trees in fileutils module | https://bugzilla.redhat.com/show_bug.cgi?id=678913 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/ruby?distro=fedora-13 | fedora | ruby | < 1.8.6.420.2.fc13 | fedora-13 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |