Ruby: Denial of Service

Ruby: Denial of Service Multiple vulnerabilities have been found in Ruby, allowing context-dependent attackers to cause a Denial of Service condition. Ruby December 13, 2014 December 13, 2014: 1 355439 369141 396301 437366 442580 458776 492282 527084 529216 local, remote 1.9.3_p551 2.0.0_p598 2.0.0_p598

Ruby is an object-oriented scripting language.

Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for details.

A context-dependent attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or bypass security restrictions.

There is no known workaround at this time.

All Ruby 1.9 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.9.3_p551"

All Ruby 2.0 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-lang/ruby-2.0.0_p598"

CVE-2011-0188 CVE-2011-1004 CVE-2011-1005 CVE-2011-4815 CVE-2012-4481 CVE-2012-5371 CVE-2013-0269 CVE-2013-1821 CVE-2013-4164 CVE-2014-8080 CVE-2014-8090 underling craig