[DRE-maint] Bug#540610: rubygems: integrity violation
Michael S. Gilbert
michael.s.gilbert at gmail.com
Sun Aug 9 06:10:13 UTC 2009
package: rubygems1.9
version: 1.3.1
tags: security
severity: serious
hello, it has been disclosed thet a specially crafted gem archive could
be used to overwrite system files. confirmed for 1.3.x, but older
versions may also be affected. please check and help the security
team prepare updates for the stable releases. see:
http://bugs.gentoo.org/show_bug.cgi?id=278566
http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/24472
http://redmine.ruby-lang.org/issues/show/1800
More information about the Pkg-ruby-extras-maintainers
mailing list