*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: ruby1.8 CVE-2008-2376 description: "Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows." http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2376 ** Affects: ruby1.8 (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-2376 -- [CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby https://bugs.launchpad.net/bugs/246818 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
