Security
Security
Multiple vulnerabilities have been found in Ruby, allowing context-dependent attackers to cause a Denial of Service condition.
| Package | dev-lang/ruby on all architectures |
|---|---|
| Affected versions | < 2.0.0_p598 |
| Unaffected versions | revision >= 1.9.3_p551 >= 2.0.0_p598 |
Ruby is an object-oriented scripting language.
Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for details.
A context-dependent attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or bypass security restrictions.
There is no known workaround at this time.
All Ruby 1.9 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.9.3_p551"
All Ruby 2.0 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/ruby-2.0.0_p598"