ruby-1.8.5-5.1.1AXS3

Errata ID: AXSA:2008-86:01

Release date: 
Monday, September 22, 2008 - 20:52
Subject: 
ruby-1.8.5-5.1.1AXS3
Affected Channels: 
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Asianux Server 3 for ppc
Asianux Server 3 for ia64
Severity: 
High
Description: 

Ruby is an interpreted scripting language for quick and easy object-oriented programming.
CVE-2008-2662: Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. This CVE description should be regarded as authoritative, although it is likely to change.
CVE-2008-2663: Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
CVE-2008-2664: The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
CVE-2008-2725: Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the REALLOC_N variant, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2664. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
CVE-2008-2726: Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the beg + rlen issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
CVE-2008-2376: Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.
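
The arithmetic behind the start-plus-length overflows described above, as an added illustration that is not taken from Ruby's array.c or from this advisory: the function names, the VALUE typedef and the ARY_MAX_SIZE definition are assumptions. It contrasts a size computed from an unchecked beg + len with a check that rejects a start above ARY_MAX_SIZE before any addition.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uintptr_t VALUE;  /* assumption: stand-in for the interpreter's object word */
/* Assumption: maximum element count, so that count * sizeof(VALUE) fits in a long. */
#define ARY_MAX_SIZE (LONG_MAX / (long)sizeof(VALUE))

/* Unchecked pattern: add first, size the buffer afterwards. Unsigned arithmetic
 * is used so the wraparound is well-defined C and can be observed. */
size_t bytes_unchecked(long beg, long len)
{
    size_t end = (size_t)beg + (size_t)len;   /* element count after the fill */
    return end * sizeof(VALUE);               /* wraps once end > SIZE_MAX / sizeof(VALUE) */
}

/* Checked pattern: validate each operand before adding.
 * Returns 0 and stores the new end index, or -1 to reject the request. */
int fill_end_checked(long beg, long len, long *end)
{
    if (beg < 0 || len < 0) return -1;
    if (beg > ARY_MAX_SIZE) return -1;        /* start beyond the limit */
    if (len > ARY_MAX_SIZE - beg) return -1;  /* subtraction cannot overflow here */
    *end = beg + len;                         /* now known to be <= ARY_MAX_SIZE */
    return 0;
}

/* Constructed input: smallest element count whose byte size wraps size_t. */
long wrapping_start(void)
{
    return (long)(SIZE_MAX / sizeof(VALUE)) + 1;
}

int main(void)
{
    long beg = wrapping_start(), end = 0;
    printf("unchecked: start %ld, len 2 -> %zu bytes\n", beg, bytes_unchecked(beg, 2));
    printf("checked:   %s\n", fill_end_checked(beg, 2, &end) ? "rejected" : "accepted");
    return 0;
}
```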

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

Asianux Server 3 for x86
  1. ruby-1.8.5-5.1.1AXS3.i386.rpm
    MD5: 8a750dea188201b78153412cd6ebf113
    SHA-256: 8ea343810742feeed6ed4d158c0864fbdc2c3fa9ba4dd0ebafb412983eafd9e2
    Size: 282.29 kB
  2. ruby-devel-1.8.5-5.1.1AXS3.i386.rpm
    MD5: b0a224c9dd2372dd8f29552a2a11e8c7
    SHA-256: 323162ecccd2a778e445f629442e524d2089f0222f8ee78efa4f05d4f2b613b9
    Size: 547.85 kB
  3. ruby-docs-1.8.5-5.1.1AXS3.i386.rpm
    MD5: 2cadc0b712de298b2e111f1cb96de791
    SHA-256: 8fe22199f674dde68572c8a064e82ec2db2183d5451c1e0e6ff4ee78b3fe7834
    Size: 1.50 MB
  4. ruby-irb-1.8.5-5.1.1AXS3.i386.rpm
    MD5: bd5f0c661355923c3828527b2aa69375
    SHA-256: 736b6325075309cf78dba4f5846c610ab2824e3c684642637b73233c3e104b5c
    Size: 68.73 kB
  5. ruby-libs-1.8.5-5.1.1AXS3.i386.rpm
    MD5: 6e07916a2cf561ae8097f5b831c07523
    SHA-256: 644378f97f531346cbd2b0432809e8663a960b499bafa583ca35f4a91497da70
    Size: 1.64 MB
  6. ruby-mode-1.8.5-5.1.1AXS3.i386.rpm
    MD5: ffa4d774e641501e6a3f1e2c61a4fd85
    SHA-256: 7980113126c86ceccd50b864564b538e4bb25ef41168f10eb577267a67c8ed77
    Size: 53.60 kB
  7. ruby-tcltk-1.8.5-5.1.1AXS3.i386.rpm
    MD5: f9bfa8b73e05dd676d2bbcb3cb326f0e
    SHA-256: 858c7d4046e08a0352fd996f71a812ecf986cc0783e3132a8286d147b3fea744
    Size: 1.67 MB

Asianux Server 3 for x86_64
  1. ruby-1.8.5-5.1.1AXS3.x86_64.rpm
    MD5: 435af76615099ad743549e6f119e9294
    SHA-256: 7bd03f18f213aea761986cf0307b331a9ba6d86aab0dadc8e96dc73e2c38e40c
    Size: 282.12 kB
  2. ruby-devel-1.8.5-5.1.1AXS3.x86_64.rpm
    MD5: ff43e488000fd1ef1c0f598e54fae411
    SHA-256: e0b4d744af10c2a3792aa29f57596b247337243aae1904e0b1392b86977c75b9
    Size: 557.77 kB
  3. ruby-docs-1.8.5-5.1.1AXS3.x86_64.rpm
    MD5: 038e93176318f129acd28c2bca87f113
    SHA-256: 41c71169ad939e879a431b70c4f5c98a8cbcf326497cc3d4f56719ec70270d0a
    Size: 1.50 MB
  4. ruby-irb-1.8.5-5.1.1AXS3.x86_64.rpm
    MD5: 362a79fa811af8f08b3e669f72ab4a72
    SHA-256: e529151ef7cd3e2af58f8e329493c725040b81b8cf105715a12f7594d9d2a486
    Size: 68.95 kB
  5. ruby-libs-1.8.5-5.1.1AXS3.x86_64.rpm
    MD5: 0d1006117968a7b8d3711f1f3bfc8a85
    SHA-256: 3190cd9e3904f0379b3fac27c0dd9d13ebdf732fee24e1871f6242a7845a916b
    Size: 1.65 MB
  6. ruby-mode-1.8.5-5.1.1AXS3.x86_64.rpm
    MD5: 835ce3bbd312574145810de89c7eb9a8
    SHA-256: 6b9942859bf7f2fc89dbd6671a75132558bbf0e92f1eb64effaf7b2a2be28441
    Size: 53.62 kB
  7. ruby-tcltk-1.8.5-5.1.1AXS3.x86_64.rpm
    MD5: 343391685d9821d51fed689c2d992948
    SHA-256: 600b783f7fcbad23957bc34052b6447217492f9c3a226c55ecc08eb4af04e6e6
    Size: 1.67 MB