SUSE-SU-2013:0611-1: moderate: Security update for ruby

sle-updates
Wed Apr 3 12:09:43 MDT 2013

   SUSE Security Update: Security update for ruby

Announcement ID:    SUSE-SU-2013:0611-1
Rating:             moderate
References:         #704409 #783525 #808137 
Cross-References:   CVE-2011-2686 CVE-2012-4522 CVE-2013-1821
Affected Products:
                    SUSE Linux Enterprise Desktop 10 SP4
                    SLE SDK 10 SP4

   An update that fixes three vulnerabilities is now available.


   The ruby interpreter received a fix for two security issues:


   CVE-2012-4466: Ruby's $SAFE mechanism enables
   untrusted user code to run in $SAFE >= 4 mode. This is a
   kind of sandboxing: some operations are restricted in
   that mode to protect other data outside the sandbox.

   The problem found concerns this mechanism.
   Exception#to_s, NameError#to_s, and the name_err_mesg_to_s()
   interpreter-internal API were not correctly handling the
   $SAFE bits, so a String object which is not tainted could
   destructively be marked as tainted through them. Using
   this, untrusted code in a sandbox could modify a
   formerly-untainted string destructively.


   CVE-2011-2686: Ruby before 1.8.7-p352 does not reset
   the random seed upon forking, which makes it easier for
   context-dependent attackers to predict the values of random
   numbers by leveraging knowledge of the number sequence
   obtained in a different child process.
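   The following Ruby script is an added illustration of the fork issue; it is
   not code from this advisory or from the Ruby project. It forks two children
   that each draw one value from a Random instance created in the parent: the
   copied PRNG state makes both children draw the same number unless the child
   reseeds. Helper names (draw_in_children, forked_values_collide?) are the
   example's own.

```ruby
# Added example, not code from the SUSE advisory or from Ruby itself.
# A PRNG object created before fork() is copied, state and all, into every
# child, so the children draw identical "random" values. The fix for
# CVE-2011-2686 reseeds Kernel#rand's default generator on fork; a PRNG
# instance you hold yourself (Random.new) is still your job to reseed.

# Fork two children; each draws one value from `rng` and sends it back
# through a pipe. With reseed: true the child replaces the inherited state.
def draw_in_children(rng, reseed:)
  raise "fork is not available on this platform" unless Process.respond_to?(:fork)

  children = 2.times.map do
    reader, writer = IO.pipe
    pid = fork do
      reader.close
      rng = Random.new if reseed   # mitigation: fresh seed in the child
      writer.write(rng.rand(1 << 62).to_s)
      writer.close
      exit!(0)                     # skip at_exit handlers inherited from the parent
    end
    writer.close
    [pid, reader]
  end

  children.map do |pid, reader|
    value = reader.read.to_i
    reader.close
    Process.wait(pid)
    value
  end
end

# True when two forked children draw the same value from a shared generator.
def forked_values_collide?(reseed:)
  rng = Random.new        # state created in the parent, duplicated by fork
  first, second = draw_in_children(rng, reseed: reseed)
  first == second
end

if __FILE__ == $0
  puts "shared state, no reseed: collide=#{forked_values_collide?(reseed: false)}"
  puts "reseeded in child:       collide=#{forked_values_collide?(reseed: true)}"
end
```

   The same applies to any worker model (preforking servers, parallel test
   runners) that creates a generator once and then forks: reseed in the child,
   or draw security-relevant values from SecureRandom, which reads the kernel's
   entropy source on each call.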


   CVE-2013-1821: Fix entity expansion DoS vulnerability
   in REXML. When reading text nodes from an XML document, the
   REXML parser could be coerced into allocating extremely
   large string objects which could consume all available
   memory on the system.
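   As an added example (not part of this advisory and not REXML's own code),
   the script below parses a constructed document containing a 100-byte
   internal entity referenced three times, under the text-expansion limit that
   the fixed REXML exposes as REXML::Security.entity_expansion_text_limit
   (default 10240 bytes). With the default limit the text expands to 300 bytes;
   with a limit of 64 bytes REXML refuses to expand it and parsing fails closed.
   The function name expand_root_text and the SAMPLE_XML document are the
   example's own.

```ruby
require 'rexml/document'

# Added example, not code from the SUSE advisory or from REXML itself.
# Parses untrusted XML under an explicit entity-expansion text limit, so an
# entity that expands to more text than allowed makes parsing fail closed
# instead of allocating an arbitrarily large String.

# Constructed sample: one 100-byte internal entity, referenced three times,
# so the root element's text expands to 300 bytes.
SAMPLE_XML = '<!DOCTYPE r [ <!ENTITY pad "' + ('x' * 100) + '"> ]>' \
             '<r>&pad;&pad;&pad;</r>'

# Parse `xml` and force expansion of the root element's text.
# Returns [:ok, expanded_text] or [:rejected, reason].
# `text_limit` is the maximum number of bytes entity expansion may produce
# for one text node (REXML::Security.entity_expansion_text_limit).
def expand_root_text(xml, text_limit: REXML::Security.entity_expansion_text_limit)
  previous = REXML::Security.entity_expansion_text_limit
  REXML::Security.entity_expansion_text_limit = text_limit
  doc = REXML::Document.new(xml)
  # Entity references in text are expanded lazily; reading the text runs the check.
  [:ok, doc.root.text]
rescue RuntimeError => e          # REXML::ParseException is a RuntimeError subclass
  [:rejected, e.message]
ensure
  REXML::Security.entity_expansion_text_limit = previous if previous
end

if __FILE__ == $0
  status, text = expand_root_text(SAMPLE_XML)
  puts "default limit: #{status}, #{text.bytesize} bytes of text"
  status, reason = expand_root_text(SAMPLE_XML, text_limit: 64)
  puts "64-byte limit: #{status} (#{reason})"
end
```

   The limit is process-global, so the function restores the previous value
   afterwards. When an application never needs DTDs at all, rejecting any input
   that carries a DOCTYPE before it reaches the parser is a simpler and stricter
   control than tuning the limit.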

   Security Issue references:

   * CVE-2012-4522
   * CVE-2013-1821
   * CVE-2011-2686

Package List:

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):


   - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):


