Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 28 Jul 2015 02:44:46 -0700
From: Reed Loden <reed@...dloden.com>
To: oss-security@...ts.openwall.com, 
	Assign a CVE Identifier <cve-assign@...re.org>, security@...y-lang.org
Subject: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129

https://www.ruby-lang.org/en/news/2009/05/12/ruby-1-9-1-p129-released/
http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/336353

>From the above:

* DL::Function#call could pass tainted arguments to a C function even if
$SAFE > 0.
https://github.com/ruby/ruby/commit/7269e3de3cee3bbb6ab77fc708f3a10cab00b65e

* DL::dlopen could open a library with tainted library name even if
$SAFE > 0
https://github.com/ruby/ruby/commit/4600cf725a86ce31266153647ae5aa1197b1215b

Doesn't look like either one of these was ever assigned a CVE (please
correct me if I'm wrong).

These seem to be different issues than CVE-2008-3657.

~reed

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ