[Debian Security Advisory DSA-860-1]

PROBLEM:

There is a bug in Ruby.

PLATFORM:

Debian GNU/Linux 3.0 alias woody
Debian GNU/Linux 3.1 alias sarge
Red Hat Desktop (v. 3) & (v. 4)
Red Hat Enterprise Linux AS, ES, WS (v. 3) & (v. 4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
SGI ProPack 3 Service Pack 6 for SGI Altix family of systems

DAMAGE:

Can cause illegal program code to bypass the safe level and taint flag protections check and be executed.

SOLUTION:

Upgrade to the appropriate versions.

VULNERABILITY
ASSESSMENT:

The risk is LOW. Can cause illegal program code to bypass the safe level and taint flag protections check and be executed.

REVISION HISTORY:
07/22/2005 - revised to add a link to Debian Security Advisory DSA-864-1
10/26/2005 - revised to add a link to Red Hat RHSA-2005:809-6 for Red Hat Desktop (v. 3) & (v. 4), Red Hat Enterprise Linux AS, ES, WS (v. 3) & (v. 4), and for Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor.
10/31/2005 - revised to add a link to SGI Security Advisory Number 20051003-02-U, providing patches for this vulnerability. 11/29/2005 - added a link SGI Advanced Linux Environment 3 Security Update #51 (#20051101-01-U) that provides Patch 10242 for SGI ProPack 3 Service Pack 6.

[***** Start Debian Security Advisory DSA-860-1 *****]
Debian -- Security Information -- DSA-860-1 ruby

Debian Security Advisory

DSA-860-1 ruby -- programming error

Date Reported:

11 Oct 2005

Affected Packages:

ruby

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 332742.
In Mitre's CVE dictionary: CAN-2005-2337.
CERT's vulnerabilities, advisories and incident notes: VU#160012.

More information:

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The following matrix lists the fixed versions in our distributions:

	old stable (woody)	stable (sarge)	unstable (sid)
ruby	1.6.7-3woody5	n/a	n/a
ruby1.6	n/a	1.6.8-12sarge1	1.6.8-13
ruby1.8	n/a	1.8.2-7sarge2	1.8.3-1

We recommend that you upgrade your ruby packages.

Fixed in:

Debian GNU/Linux 3.0 (woody)

Source:: http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5.dsc; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5.diff.gz; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7.orig.tar.gz
Architecture-independent component:: http://security.debian.org/pool/updates/main/r/ruby/irb_1.6.7-3woody5_all.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-elisp_1.6.7-3woody5_all.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-examples_1.6.7-3woody5_all.deb
Alpha:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_alpha.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_alpha.deb
ARM:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_arm.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_arm.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_i386.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_ia64.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_ia64.deb
HPPA:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_hppa.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_hppa.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_m68k.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_m68k.deb
Big endian MIPS:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_mips.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_mips.deb
Little endian MIPS:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_mipsel.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_powerpc.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_s390.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_sparc.deb; http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_sparc.deb

MD5 checksums of the listed files are available in the original advisory.

LINKS:
CIRC BULLETIN:	http://www.doecirc.energy.gov/bulletins/q-016.shtml
ORIGINAL BULLETIN:	Debian Security Advisory DSA-860-1
	http://www.debian.org/security/2005/dsa-860
ADDITIONAL LINKS:	Debian Security Advisory DSA-862-1 http://www.debian.org/security/2005/dsa-862
	US-CERT Vulnerability Note VU#160012 http://www.kb.cert.org/vuls/id/160012 Debian Security Advisory DSA-864-1 http://www.debian.org/security/2005/dsa-864
	Red Hat RHSA-2005:809-6 https://rhn.redhat.com/errate/RHSA-2005-809.html SGI Security Advisory Number 20051003-02-U ftp://patches.sgi.com/support/free/security/advisories/20051003-02-U.asc SGI Security Advisory Update #51, Number 20051101-01-U ftp://patches.sgi.com/support/free/security/advisories/20051101-01-U.asc
CVE:	CVE-2005-2337

INFORMATION BULLETIN

Q-016: Ruby