UbuntuUpdates.org

Package "ruby1.8-dev"

Name: ruby1.8-dev

Description:

Header files for compiling extension modules for the Ruby 1.8

Latest version: 1.8.7.352-2ubuntu1.6
Release: precise (12.04)
Level: updates
Repository: main
Head package: ruby1.8
Homepage: http://www.ruby-lang.org/


Other versions of "ruby1.8-dev" in Precise

Repository Area Version
base main 1.8.7.352-2ubuntu1
security main 1.8.7.352-2ubuntu1.6
PPA: Brightbox Ruby NG Experimental 1:1.8.7.376-1bbox5~ubuntu12.04.1~ppa1

Changelog

Version: 1.8.7.352-2ubuntu1.6 2014-11-20 18:06:56 UTC

  ruby1.8 (1.8.7.352-2ubuntu1.6) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via XML expansion
    - debian/patches/CVE-2014-8090.patch: add REXML::Document#document
      to lib/rexml/document.rb, add warning to lib/rexml/entity.rb, added
      tests to test/rexml/test_document.rb.
    - CVE-2014-8090
 -- Marc Deslauriers <email address hidden> Wed, 19 Nov 2014 15:39:16 -0500

CVE-2014-8090 Incomplete fix for CVE-2014-8080

Version: 1.8.7.352-2ubuntu1.5 2014-11-04 21:06:44 UTC

  ruby1.8 (1.8.7.352-2ubuntu1.5) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via XML expansion
    - debian/patches/CVE-2014-8080.patch: limit expansions in
      lib/rexml/entity.rb, added tests to test/rexml/test_document.rb.
    - CVE-2014-8080
 -- Marc Deslauriers <email address hidden> Fri, 31 Oct 2014 13:13:25 -0400

CVE-2014-8080 Denial Of Service XML Expansion

Version: 1.8.7.352-2ubuntu1.4 2013-11-27 18:07:01 UTC

  ruby1.8 (1.8.7.352-2ubuntu1.4) precise-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    heap overflow in floating point parsing.
    - debian/patches/CVE-2013-4164.patch: check lengths in util.c.
    - CVE-2013-4164
 -- Marc Deslauriers <email address hidden> Tue, 26 Nov 2013 09:09:41 -0500

CVE-2013-4164 Heap Overflow in Floating Point Parsing

Version: 1.8.7.352-2ubuntu1.3 2013-07-09 16:07:00 UTC

  ruby1.8 (1.8.7.352-2ubuntu1.3) precise-security; urgency=low

  * SECURITY UPDATE: incorrect ssl hostname verification
    - debian/patches/CVE-2013-4073.patch: fix hostname check and regression
      in ext/openssl/lib/openssl/ssl-internal.rb, added test to
      test/openssl/test_ssl.rb.
    - CVE-2013-4073
 -- Marc Deslauriers <email address hidden> Mon, 08 Jul 2013 10:17:35 -0400

CVE-2013-4073 Hostname check bypassing vulnerability in SSL client

Version: 1.8.7.352-2ubuntu1.2 2013-03-25 19:06:48 UTC

  ruby1.8 (1.8.7.352-2ubuntu1.2) precise-security; urgency=low

  * SECURITY UPDATE: REXML entity expansion DoS
    - debian/patches/CVE-2013-1821.patch: set an expansion limit in
      lib/rexml/document.rb, lib/rexml/text.rb, added test to
      test/rexml/test_document.rb.
    - Patch taken from Debian's 1.8.7.358-7
    - CVE-2013-1821
 -- Marc Deslauriers <email address hidden> Fri, 22 Mar 2013 14:52:43 -0400

CVE-2013-1821 entity expansion DoS vulnerability in REXML


