Slackwarearm-14.0 ChangeLog (2013-05-19)
Sun May 19 20:43:47 UTC 2013
Packages
Upgraded
- patches/packages/ruby-1.9.3_p429-arm-1_slack14.0.tgz
This update fixes a security issue in DL and Fiddle included in Ruby where
tainted strings can be used by system calls regardless of the $SAFE level
setting.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2065
http://www.ruby-lang.org/en/news/2013/05/14/taint-bypass-dl-fiddle-cve-2013-2065/
(* Security fix *)