ruby: security update
A memory corruption in the BigDecimal class potentially
allowed attackers to execute arbitrary code (CVE-2011-0188).
Affects 64bit platforms only.
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 4584
Fixed bugs
bnc#682287
VUL-0: ruby bigdecimal memory corruption
CVE#CVE-2011-0188
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary c
