+++ This bug was initially created as a clone of Bug #199543 +++ Description of problem: A Vulneerability has been reported in Ruby, which can be exploited by malicious people to bypass certain security-level restrictions. Version-Release number of selected component (if applicable): all versions of Ruby, such as 1.6.x and 1.8.x without any exceptions. How reproducible: always Steps to Reproduce: 1.ruby alias_jvn83768862.patch 2. 3. Actual results: no exceptions. Expected results: $ ruby alias_jvn83768862.patch alias_jvn83768862.patch:9:in `p': calling insecure method: inspect (SecurityError) from alias_jvn83768862.patch:9 Additional info: thia affects to RHEL2.1, 3 and 4 as well. -- Additional comment from tagoh on 2006-07-20 05:47 EST -- Created an attachment (id=132736) testcase
Fixed packages has been built.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0604.html