Re: [SECURITY] [DSA 860-1] New Ruby packages fix safety bypass
Martin Schulze wrote:
> - --------------------------------------------------------------------------
> Debian Security Advisory DSA 860-1 security@debian.org
> http://www.debian.org/security/ Martin Schulze
> October 11th, 2005 http://www.debian.org/security/faq
> - --------------------------------------------------------------------------
>
> Package : ruby
> Vulnerability : programming error
> Problem type : local
> Debian-specific: no
> CVE ID : CAN-2005-2337
> CERT advisory : VU#160012
> Debian Bug : 332742
>
> Yutaka Oiwa discovered a bug in Ruby, the interpreter for the
> object-oriented scripting language, that can cause illegal program
> code to bypass the safe level and taint flag protections check and be
> executed. The following matrix lists the fixed versions in our
> distributions:
This explanation is not correct. According to explanation in Japanese
original vulnarability report
(http://www.ipa.go.jp/security/vuln/documents/2005/JVN_62914675_Ruby.html)
and JVN report (http://jvn.jp/jp/JVN%2362914675/index.html),
only "safe level" feature is bypassed, not taint flag controls. Since
description in www.ruby-lang.org has confusing explanation maybe due to
mistranslation :-), but explanation in US-CERT is more appropriate for
this bug.
--
Seiji Kaneko skaneko@a2.mbn.or.jp
----------------------------------------------------------------------
Reply to: