oss-sec mailing list archives
CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129
From: Reed Loden <reed () reedloden com>
Date: Tue, 28 Jul 2015 02:44:46 -0700
https://www.ruby-lang.org/en/news/2009/05/12/ruby-1-9-1-p129-released/ http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/336353
From the above:
* DL::Function#call could pass tainted arguments to a C function even if $SAFE > 0. https://github.com/ruby/ruby/commit/7269e3de3cee3bbb6ab77fc708f3a10cab00b65e * DL::dlopen could open a library with tainted library name even if $SAFE > 0 https://github.com/ruby/ruby/commit/4600cf725a86ce31266153647ae5aa1197b1215b Doesn't look like either one of these was ever assigned a CVE (please correct me if I'm wrong). These seem to be different issues than CVE-2008-3657. ~reed
Current thread:
- CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Reed Loden (Jul 28)
- Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 cve-assign (Jul 28)
- Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Reed Loden (Jul 29)
- Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Jan Rusnacko (Jul 28)
- Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Reed Loden (Jul 29)
- Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 cve-assign (Jul 28)