Fedora alert FEDORA-2007-2685 (ruby)

From:
    	     
 
updates@fedoraproject.org
To:
    	     
 
fedora-package-announce@redhat.com
Subject:
    	     
 
[SECURITY] Fedora 7 Update: ruby-1.8.6.111-1.fc7
Date:
    	     
 
Mon, 29 Oct 2007 12:04:39 -0700
Message-ID:
    	     
 
<200710291904.l9TJ4TF5002838@bastion.fedora.phx.redhat.com>
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2685
2007-10-29 19:04:33.453651
--------------------------------------------------------------------------------

Name        : ruby
Product     : Fedora 7
Version     : 1.8.6.111
Release     : 1.fc7
URL         : http://www.ruby-lang.org/
Summary     : An interpreter of object-oriented scripting language
Description :
Ruby is the interpreted scripting language for quick and easy
object-oriented programming.  It has many features to process text
files and to do system management tasks (as in Perl).  It is simple,
straight-forward, and extensible.

--------------------------------------------------------------------------------
Update Information:

This release contains another fixes of CVE-2007-5162 for Net::FTPTLS, Net::Telnet and Net::IMAP.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 29 2007 Akira TAGOH <tagoh@redhat.com> - 1.8.6.111-1
- New upstream release.
- ruby-1.8.6.111-CVE-2007-5162.patch: Update a bit with backporting the changes
   at trunk to enable the fix without any modifications on the users' scripts.
   Note that Net::HTTP#enable_post_connection_check isn't available anymore.
   If you want to disable this post-check, you should give OpenSSL::SSL::VERIFY_NONE
   to Net::HTTP#verify_mode= instead of.
* Mon Oct 15 2007 Akira TAGOH <tagoh@redhat.com> - 1.8.6.110-2
- Enable pthread support for ppc too. (#201452)
- Fix unexpected dependencies appears in ruby-libs. (#253325)
* Wed Oct 10 2007 Akira TAGOH <tagoh@redhat.com> - 1.8.6.110-1
- New upstream release.
  - ruby-r12567.patch: removed.
- ruby-1.8.6-CVE-2007-5162.patch: security fix for Net::HTTP that is
  insufficient verification of SSL certificate.
* Thu Aug 23 2007 Akira TAGOH <tagoh@redhat.com> - 1.8.6.36-4
- Rebuild
* Fri Aug 10 2007 Akira TAGOH <tagoh@redhat.com>
- Update License tag.
* Wed Jul 25 2007 Akira TAGOH <tagoh@redhat.com> - 1.8.6.36-3
- ruby-r12567.patch: backport patch from upstream svn to get rid of
  the unnecessary declarations. (#245446)
* Fri Jul 20 2007 Akira TAGOH <tagoh@redhat.com> - 1.8.6.36-2
- New upstream release.
  - Fix Etc::getgrgid to get the correct gid as requested. (#236647)
--------------------------------------------------------------------------------
References:

  [ 1 ] CVE-2007-5162
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200...
--------------------------------------------------------------------------------
Updated packages:

256bd0b2eaa05b808c3c11cf92124be3f3e08e1a ruby-1.8.6.111-1.fc7.ppc64.rpm
f31c52278982bb7b4d67a4762999d1e07d2e685d ruby-rdoc-1.8.6.111-1.fc7.ppc64.rpm
d3b9c6d11a3e205fed5a6f147d293a2b0857c0de ruby-debuginfo-1.8.6.111-1.fc7.ppc64.rpm
c8589ac68cc66df61f9af39d9ef45383090bbbd1 ruby-ri-1.8.6.111-1.fc7.ppc64.rpm
1a72b62806cc79bafc4c17fcfe977bcb415f482e ruby-tcltk-1.8.6.111-1.fc7.ppc64.rpm
9587703ea56a3263958272e97c68a5394ebbc625 ruby-irb-1.8.6.111-1.fc7.ppc64.rpm
a5ddf8708af4af3b2de24c5675717968c305e08a ruby-devel-1.8.6.111-1.fc7.ppc64.rpm
c8e4ad9e645a856af52d9698ca4e955a2686a54b ruby-docs-1.8.6.111-1.fc7.ppc64.rpm
634361ea5584a94bd844b97c84f0d61481ee154f ruby-libs-1.8.6.111-1.fc7.ppc64.rpm
cdbc08ed72ef2421b15af1169d7fe51944060fc0 ruby-debuginfo-1.8.6.111-1.fc7.i386.rpm
7050bdb5d6276369e413d4847458272ef545a0b2 ruby-rdoc-1.8.6.111-1.fc7.i386.rpm
f41d95544e07cd8d3ba073d29ff4e42ccea46c88 ruby-devel-1.8.6.111-1.fc7.i386.rpm
b52c780708c524e1226120f8e1bd51f83cc35c82 ruby-tcltk-1.8.6.111-1.fc7.i386.rpm
01e5a27a0d510a4333c4696e0aac2b2c90585c2a ruby-ri-1.8.6.111-1.fc7.i386.rpm
02626a0b18760e8c97ad277444cca4c2cb5f41d9 ruby-1.8.6.111-1.fc7.i386.rpm
cc3dbe9f841dbe6e0d359d2ab2b7cabe94f1b4e2 ruby-libs-1.8.6.111-1.fc7.i386.rpm
bafe165691e13313cec7eaf2e9f9c22a9690b698 ruby-docs-1.8.6.111-1.fc7.i386.rpm
3865799641ab8cfaa693cab37308d2a3bf0ad4a9 ruby-mode-1.8.6.111-1.fc7.i386.rpm
0c95364eb74d6b1f5f4b07ed6d66a0e2bb40fbee ruby-irb-1.8.6.111-1.fc7.i386.rpm
996e03ea4c3a1d7ef45c5483357c2fb7beb73c95 ruby-debuginfo-1.8.6.111-1.fc7.x86_64.rpm
90fe1934d38c83195134906833e8222addc191f2 ruby-rdoc-1.8.6.111-1.fc7.x86_64.rpm
1f2f1d68c8782d760a65de09b1f4a627718d5ec3 ruby-tcltk-1.8.6.111-1.fc7.x86_64.rpm
ba59f21192f32cc40cb4c2047be178734b152964 ruby-ri-1.8.6.111-1.fc7.x86_64.rpm
adca9b847bb47b5c45f23c3ff663d07017676309 ruby-devel-1.8.6.111-1.fc7.x86_64.rpm
78af4cec3fb987cd1152f5badff9ed9186556792 ruby-irb-1.8.6.111-1.fc7.x86_64.rpm
21230fa0aff49e4421e6661a150a14fa6994c317 ruby-docs-1.8.6.111-1.fc7.x86_64.rpm
7a647d719b28ee9a25f214681a65ed84905c45c6 ruby-libs-1.8.6.111-1.fc7.x86_64.rpm
8fbbb1f37f042da5215a0c16ea13a3a3a1ff2434 ruby-1.8.6.111-1.fc7.x86_64.rpm
5ef1f1afa63dfded00c25b15e01edcda6347dc42 ruby-mode-1.8.6.111-1.fc7.x86_64.rpm
a41467449b86e2f60c8d44c50e7c664f50fa3bf7 ruby-tcltk-1.8.6.111-1.fc7.ppc.rpm
16c7b99afe1247182537d587d587d5a8e5431020 ruby-debuginfo-1.8.6.111-1.fc7.ppc.rpm
e4b4a0d40b6137cd1e6bef7099ac652d4e727073 ruby-devel-1.8.6.111-1.fc7.ppc.rpm
8c7cdb1345e178181cbfea1796f0455a9d0e8d42 ruby-irb-1.8.6.111-1.fc7.ppc.rpm
d57f4f365a9e3708e0c59cd03dc694d873295da8 ruby-mode-1.8.6.111-1.fc7.ppc.rpm
886c7b82d356e9c14565c24eca1f2e3d72086057 ruby-libs-1.8.6.111-1.fc7.ppc.rpm
b8acf137a559abb0122badd4136e6a7822725752 ruby-ri-1.8.6.111-1.fc7.ppc.rpm
21e2e2cc5014fd594f5bfba22c5704a15b2c374c ruby-1.8.6.111-1.fc7.ppc.rpm
aced140b4117d012646030ca5cae9d3e9cae3739 ruby-rdoc-1.8.6.111-1.fc7.ppc.rpm
db59cbb965652398d359cc3734c590990be780fe ruby-docs-1.8.6.111-1.fc7.ppc.rpm
5e239c4d3a83031711eddce8e533cead141ba1f7 ruby-1.8.6.111-1.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update ruby' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...