Package: ruby1.8 Version: 1.8.2-9 Severity: grave Tags: security patch Hi!
There is a safe mode bypass in all Ruby versions: http://www.ruby-lang.org/en/20051003.html This page also contains a patch (which does not apply perfectly since the XMLRPC issue is already fixed, but for eval.c it applies fine). This has been assigned CAN-2005-2337, please mention this number in the changelog when you fix this. Thanks, Martin -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntulinux.org Debian Developer http://www.debian.org
signature.asc
Description: Digital signature
