CVE-2005-2337
CVSS7.5
发布时间 :2005-10-07 19:02:00
修订时间 :2011-03-07 21:24:07
NMCOPS    

[原文]Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin).


[CNNVD]Ruby SAFE Level限制绕过漏洞(CNNVD-201503-467)

        

Ruby是日本软件开发者松本行弘所研发的一种跨平台、面向对象的动态类型编程语言。

Ruby 1.8.3之前版本中存在SAFE level限制绕过漏洞,该漏洞源于程序没有正确实现SAFE level检查。攻击者可利用该漏洞在受影响应用程序上下文中执行未授权的脚本代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:yukihiro_matsumoto:ruby:1.6.6
cpe:/a:yukihiro_matsumoto:ruby:1.6.3
cpe:/a:yukihiro_matsumoto:ruby:1.6.4
cpe:/a:yukihiro_matsumoto:ruby:1.6.5
cpe:/a:yukihiro_matsumoto:ruby:1.6.1
cpe:/a:yukihiro_matsumoto:ruby:1.6.2
cpe:/a:yukihiro_matsumoto:ruby:1.8.2_pre2
cpe:/a:yukihiro_matsumoto:ruby:1.8.1
cpe:/a:yukihiro_matsumoto:ruby:1.8
cpe:/a:yukihiro_matsumoto:ruby:1.6.7
cpe:/a:yukihiro_matsumoto:ruby:1.6
cpe:/a:yukihiro_matsumoto:ruby:1.8.2_pre1

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10564Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag prote...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2337
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2337
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201503-467
(官方数据源) CNNVD

- 其它链接及资源

http://www.us-cert.gov/cas/techalerts/TA06-132A.html
(UNKNOWN)  CERT  TA06-132A
http://www.kb.cert.org/vuls/id/160012
(VENDOR_ADVISORY)  CERT-VN  VU#160012
http://www.ruby-lang.org/en/20051003.html
(VENDOR_ADVISORY)  CONFIRM  http://www.ruby-lang.org/en/20051003.html
http://secunia.com/advisories/16904
(VENDOR_ADVISORY)  SECUNIA  16904
http://xforce.iss.net/xforce/xfdb/22360
(UNKNOWN)  XF  ruby-eval-security-bypass(22360)
http://www.vupen.com/english/advisories/2006/1779
(UNKNOWN)  VUPEN  ADV-2006-1779
http://www.ubuntu.com/usn/usn-195-1
(UNKNOWN)  UBUNTU  USN-195-1
http://www.securitytracker.com/alerts/2005/Sep/1014948.html
(UNKNOWN)  SECTRACK  1014948
http://www.securityfocus.com/bid/17951
(UNKNOWN)  BID  17951
http://www.securityfocus.com/bid/14909
(UNKNOWN)  BID  14909
http://www.redhat.com/support/errata/RHSA-2005-799.html
(UNKNOWN)  REDHAT  RHSA-2005:799
http://www.novell.com/linux/security/advisories/2006_05_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2006:005
http://www.mandriva.com/security/advisories?name=MDKSA-2005:191
(VENDOR_ADVISORY)  MANDRIVA  MDKSA-2005:191
http://www.gentoo.org/security/en/glsa/glsa-200510-05.xml
(UNKNOWN)  GENTOO  GLSA-200510-05
http://www.debian.org/security/2005/dsa-864
(VENDOR_ADVISORY)  DEBIAN  DSA-864
http://www.debian.org/security/2005/dsa-862
(UNKNOWN)  DEBIAN  DSA-862
http://www.debian.org/security/2005/dsa-860
(UNKNOWN)  DEBIAN  DSA-860
http://secunia.com/advisories/20077
(VENDOR_ADVISORY)  SECUNIA  20077
http://secunia.com/advisories/19130
(VENDOR_ADVISORY)  SECUNIA  19130
http://secunia.com/advisories/17285
(VENDOR_ADVISORY)  SECUNIA  17285
http://secunia.com/advisories/17147
(VENDOR_ADVISORY)  SECUNIA  17147
http://secunia.com/advisories/17129
(VENDOR_ADVISORY)  SECUNIA  17129
http://secunia.com/advisories/17098
(VENDOR_ADVISORY)  SECUNIA  17098
http://secunia.com/advisories/17094
(UNKNOWN)  SECUNIA  17094
http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
(UNKNOWN)  APPLE  APPLE-SA-2006-05-11
http://jvn.jp/jp/JVN%2362914675/index.html
(UNKNOWN)  MISC  http://jvn.jp/jp/JVN%2362914675/index.html
http://securityreason.com/securityalert/59
(UNKNOWN)  SREASON  59

- 漏洞信息

Ruby SAFE Level限制绕过漏洞
2015-03-24 00:00:00 2015-03-24 00:00:00
远程※本地  
        

Ruby是日本软件开发者松本行弘所研发的一种跨平台、面向对象的动态类型编程语言。

Ruby 1.8.3之前版本中存在SAFE level限制绕过漏洞,该漏洞源于程序没有正确实现SAFE level检查。攻击者可利用该漏洞在受影响应用程序上下文中执行未授权的脚本代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        https://www.ruby-lang.org/en/news/

- 漏洞信息 (F40697)

Debian Linux Security Advisory 864-1 (PacketStormID:F40697)
2005-10-13 00:00:00
Debian  security.debian.org
advisory,ruby
linux,debian
CVE-2005-2337
[点击下载]

Debian Security Advisory DSA 864-1 - Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 864-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
October 13th, 2005                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : ruby1.8
Vulnerability  : programming error
Problem type   : local
Debian-specific: no
CVE ID         : CAN-2005-2337
CERT advisory  : VU#160012
Debian Bug     : 332742

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the
object-oriented scripting language, that can cause illegal program
code to bypass the safe level and taint flag protections check and be
executed.  The following matrix lists the fixed versions in our
distributions:

          old stable (woody)    stable (sarge)     unstable (sid)
ruby        1.6.7-3woody5            n/a                n/a
ruby1.6        n/a              1.6.8-12sarge1        1.6.8-13
ruby1.8        n/a              1.8.2-7sarge2         1.8.3-1

We recommend that you upgrade your ruby packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2.dsc
      Size/MD5 checksum:     1024 02c4885bf1d3d6272be11978e8d9418d
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2.diff.gz
      Size/MD5 checksum:   531380 ce444a411b23c9d971653956b2225448
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2.orig.tar.gz
      Size/MD5 checksum:  3623780 4bc5254bec262d18cf1ceef03aae8bdf

  Architecture independent components:

    http://security.debian.org/pool/updates/main/r/ruby1.8/irb1.8_1.8.2-7sarge2_all.deb
      Size/MD5 checksum:   166200 950967e1aebed573ce5dc7dfb3aa92c5
    http://security.debian.org/pool/updates/main/r/ruby1.8/rdoc1.8_1.8.2-7sarge2_all.deb
      Size/MD5 checksum:   234134 c88180c3fa145702ee4b06d2249a807d
    http://security.debian.org/pool/updates/main/r/ruby1.8/ri1.8_1.8.2-7sarge2_all.deb
      Size/MD5 checksum:   704562 2d2569f0b3ff912984e9420bd2b7c973
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-elisp_1.8.2-7sarge2_all.deb
      Size/MD5 checksum:   142306 4ecdb2f1dba4d8bb7b900b618eecb767
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-examples_1.8.2-7sarge2_all.deb
      Size/MD5 checksum:   216314 246b7704cea26b42539e57c6398e3a0c

  Alpha architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_alpha.deb
      Size/MD5 checksum:   135712 e0195f6fdd8d8fd69014682b57baada8
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_alpha.deb
      Size/MD5 checksum:   137264 937ffdaae7b454b8125baa73059d8c35
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_alpha.deb
      Size/MD5 checksum:   237336 a612c26a6b1bf421b22cd001858740e1
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_alpha.deb
      Size/MD5 checksum:   133182 fbf454b5428a59fee911aada58a924eb
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_alpha.deb
      Size/MD5 checksum:  1468302 386db9fc15b60d25dd34552e24e3c50d
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_alpha.deb
      Size/MD5 checksum:   826734 b821379165dd8cdeec62c679ef577589
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_alpha.deb
      Size/MD5 checksum:  1449910 be28287997258e39caccd9badbdfd95c
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_alpha.deb
      Size/MD5 checksum:   151744 afb890dc2b87799d2460dc8b2bbfb96b
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_alpha.deb
      Size/MD5 checksum:   795230 4d27009b3cb959baedd807e65821f824

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_amd64.deb
      Size/MD5 checksum:   135068 0609f0501dec9b3b9f4d19bd308af45c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_amd64.deb
      Size/MD5 checksum:   136550 1f876514bb9cd3d6192b4f9eda1f48a1
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_amd64.deb
      Size/MD5 checksum:   233800 745f578b197d85af57dc165f710cd0a2
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_amd64.deb
      Size/MD5 checksum:   132396 74635cf281b1f404c0520794f9da880f
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_amd64.deb
      Size/MD5 checksum:  1392074 bfd324fb43c1f2ebfcf7ed8d8673cbcd
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_amd64.deb
      Size/MD5 checksum:   780174 085f001489367e205362a7043bcbebdd
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_amd64.deb
      Size/MD5 checksum:  1446526 f334b10112d05e862370d691d0a365d8
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_amd64.deb
      Size/MD5 checksum:   151404 cebe1b6d7ba283e369ddd03945384537
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_amd64.deb
      Size/MD5 checksum:   648656 9d20209d15264b47f4ce654be0a47bb1

  ARM architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_arm.deb
      Size/MD5 checksum:   134114 fa9211a4e8304655a753993adbf20912
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_arm.deb
      Size/MD5 checksum:   135222 286133802cc9ba542ece606eae42c5ea
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_arm.deb
      Size/MD5 checksum:   222152 e8ea65dc3ca8ce1cd01850f07885d507
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_arm.deb
      Size/MD5 checksum:   131500 7ec64be742a6629bffa489e69b0a8c23
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_arm.deb
      Size/MD5 checksum:  1348038 af53111ae865a0eca2f0349e2608e2fc
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_arm.deb
      Size/MD5 checksum:   743418 727f40cb8768e64989b84b4b3b5f647d
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_arm.deb
      Size/MD5 checksum:  1440846 8f693fa58826b96ce0074eb1a78b9a31
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_arm.deb
      Size/MD5 checksum:   151244 beb813b6236b405c7496051581493838
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_arm.deb
      Size/MD5 checksum:   659752 e4877ae85dbce5d6cded5553085b2108

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_i386.deb
      Size/MD5 checksum:   134666 fd4689a103dcec74f07ef1409ad5096c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_i386.deb
      Size/MD5 checksum:   135912 6c161489efd29807f71152870fda6242
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_i386.deb
      Size/MD5 checksum:   224632 f7c2f927c8a9894c19250dbce94af541
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_i386.deb
      Size/MD5 checksum:   131662 a493cb06911381c7f512f11d33e659c6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_i386.deb
      Size/MD5 checksum:  1349200 6bb9adddc422b7f433516a7fa1edb737
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_i386.deb
      Size/MD5 checksum:   757702 b27bc494dcbf9043645ea471f6b56135
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_i386.deb
      Size/MD5 checksum:  1439766 99077386fc533b577c7caff5788065a0
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_i386.deb
      Size/MD5 checksum:   151256 a279b83da66c1b526a6ad69b887ce4eb
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_i386.deb
      Size/MD5 checksum:   621964 db987b32db00808ea5597196eb488828

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_ia64.deb
      Size/MD5 checksum:   138330 aaeb7943f7c095a6f1dec2692ab2c1ad
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_ia64.deb
      Size/MD5 checksum:   140154 8b0c62eebd9e0f467113d04874330832
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_ia64.deb
      Size/MD5 checksum:   265406 1b24c64e5771209f96e769ca8bfe56f4
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_ia64.deb
      Size/MD5 checksum:   135534 d55c51c13c612ef185b3c57681a245c5
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_ia64.deb
      Size/MD5 checksum:  1703448 4d184281f1f59426b9bdea84afe70267
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_ia64.deb
      Size/MD5 checksum:   997842 66576d718b46cd0b128807b67f987fe1
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_ia64.deb
      Size/MD5 checksum:  1462706 5a2fcbfe348590bdb12801378c330587
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_ia64.deb
      Size/MD5 checksum:   152160 060844ff66807aa635d4c498e64d76e1
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_ia64.deb
      Size/MD5 checksum:   867056 fd92260fbba9381725d41399a2df94ec

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_hppa.deb
      Size/MD5 checksum:   136278 38e3ec76e1ab906443cf6fec69dc0e05
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_hppa.deb
      Size/MD5 checksum:   137940 6fc19a4ccdcf112b12e1c9accb66ab8c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_hppa.deb
      Size/MD5 checksum:   246626 8295811621cf2a9d70e7e23cbdcbae85
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_hppa.deb
      Size/MD5 checksum:   133462 a5d6a0a89122f820aec8abd77185fa5a
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_hppa.deb
      Size/MD5 checksum:  1500658 17492c24e92970dc0aa9cb5e4aca4c9a
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_hppa.deb
      Size/MD5 checksum:   839388 e54b0657edcddf4a6ce8227c7fa31612
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_hppa.deb
      Size/MD5 checksum:  1453434 be279ff8d716abe7bd603cf0c1d6d2e0
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_hppa.deb
      Size/MD5 checksum:   151812 9b4c3047a843aa5958c96dc31a6ca033
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_hppa.deb
      Size/MD5 checksum:   735402 a873a095e04b47c39f12cf200b7ec146

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_m68k.deb
      Size/MD5 checksum:   134148 77e347fef526b6d7c91af179c04c8c0d
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_m68k.deb
      Size/MD5 checksum:   135542 3e87769580c19d394630fe5a4b72566c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_m68k.deb
      Size/MD5 checksum:   230520 3afcc5c8b461a80207c6cc02fb50fccd
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_m68k.deb
      Size/MD5 checksum:   131838 b38660f2ca7420e371a7f7d876e6e950
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_m68k.deb
      Size/MD5 checksum:  1332586 96b2e8e4d3b0b86153110c7c81907194
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_m68k.deb
      Size/MD5 checksum:   729728 3ed2ad31db64434c6ddfc7dc06e6ad23
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_m68k.deb
      Size/MD5 checksum:  1439160 b45b47d802584b54dfad1c6bd8b886d3
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_m68k.deb
      Size/MD5 checksum:   151196 54f4736454fcb961a617b9662c89c932
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_m68k.deb
      Size/MD5 checksum:   552676 ebc099ac3da1a205131a7cd98abf8c4e

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_mips.deb
      Size/MD5 checksum:   133922 5574b80e82c88ba25d711c102a50f95d
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_mips.deb
      Size/MD5 checksum:   135298 5372b46d24125108b393e2cc24222cf5
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_mips.deb
      Size/MD5 checksum:   215232 1afd304916248bd18edfa5f55d7a3cd3
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_mips.deb
      Size/MD5 checksum:   131400 817e2f45f9e272be8a3b993eca4a7985
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_mips.deb
      Size/MD5 checksum:  1355746 8a6f98d621f55e78dc84f7061c2b358c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_mips.deb
      Size/MD5 checksum:   763368 2852fbb514587ab0abb3ebc2ad415df7
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_mips.deb
      Size/MD5 checksum:  1435716 29878f0fc435dc1c33010220cc837d37
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_mips.deb
      Size/MD5 checksum:   151958 dc0fd07a7d9e9ccadeef95bde0351817
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_mips.deb
      Size/MD5 checksum:   683474 ac97f82253f46913151efd5c3099c551

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_mipsel.deb
      Size/MD5 checksum:   133944 f12935c8449caa200cbb7b735de6ada6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_mipsel.deb
      Size/MD5 checksum:   135310 8011dc5dce4768864419996c3f6d9a48
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_mipsel.deb
      Size/MD5 checksum:   214456 c5778a3a1a07a8cd80b9ab077cde5074
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_mipsel.deb
      Size/MD5 checksum:   131344 1b0e29645c8a3f9077910c96b48a1359
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_mipsel.deb
      Size/MD5 checksum:  1357228 df7e72e3b3cf00080b0c69c2e2001887
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_mipsel.deb
      Size/MD5 checksum:   756232 8fef45d81f7764d2d427dd5bac4dba0a
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_mipsel.deb
      Size/MD5 checksum:  1435972 155c5044db95709e01c01659ef93a135
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_mipsel.deb
      Size/MD5 checksum:   151934 5e865f509796fe53b0d2a1b5a5c9c72d
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_mipsel.deb
      Size/MD5 checksum:   677334 8dec776253eb64b42035a7a7589bb970

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_powerpc.deb
      Size/MD5 checksum:   136508 eb8794cafa6e7a9d5e31ffce9fdf2694
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_powerpc.deb
      Size/MD5 checksum:   137652 a22f7061882f801c20c4907d61d9cd62
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_powerpc.deb
      Size/MD5 checksum:   224840 3b55b937e39bf8c5dafbaebf05f32b9c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_powerpc.deb
      Size/MD5 checksum:   133562 bb942bdf0d032ecd717704e47ccc1cd2
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_powerpc.deb
      Size/MD5 checksum:  1405880 896f47ccbc5e50dd6a78cba52a59c6b6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_powerpc.deb
      Size/MD5 checksum:   969794 1e912d075c159fbeb6411d1d72e880df
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_powerpc.deb
      Size/MD5 checksum:  1444114 94110d9d029066fd53add4a26a98cff4
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_powerpc.deb
      Size/MD5 checksum:   153102 09c2d4538d43322dad1d5470e772cecb
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_powerpc.deb
      Size/MD5 checksum:   620568 ecfe1728330b3da2c6d0f6f8a6e7e16f

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_s390.deb
      Size/MD5 checksum:   135552 4f867891b8b39115f577b783155781eb
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_s390.deb
      Size/MD5 checksum:   136898 3ec59c86a92fc1701aea5bc1c7f0de67
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_s390.deb
      Size/MD5 checksum:   239628 e5cf477060d233cbd8fd7d9e830a6e95
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_s390.deb
      Size/MD5 checksum:   132888 7c4f2d122a8f104f6da6fee3251662f3
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_s390.deb
      Size/MD5 checksum:  1430880 8fffb3c762493b245e1e446c4e5c9425
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_s390.deb
      Size/MD5 checksum:   907026 feb133e3bb6acd170fb4b9202f0f0b39
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_s390.deb
      Size/MD5 checksum:  1447002 3f8391fea58a78e222224d8214758af6
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_s390.deb
      Size/MD5 checksum:   151486 fea474393cc04d3de74061bf04f537cd
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_s390.deb
      Size/MD5 checksum:   674232 83aed4af46b6f3bb1b1f0dbabb4e58c5

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge2_sparc.deb
      Size/MD5 checksum:   134400 9eed1234d06c62465aab5ae4e65eed8a
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge2_sparc.deb
      Size/MD5 checksum:   135594 4ed728b82c57df8e6e0b9e59148379b6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge2_sparc.deb
      Size/MD5 checksum:   228836 99ead3d7d81c4829545e076dc8d6350d
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge2_sparc.deb
      Size/MD5 checksum:   131752 ee4391927a34eefdeea3d8221f65380c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge2_sparc.deb
      Size/MD5 checksum:  1372598 f1d3a7ee86e225463216ce941ce2e53b
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge2_sparc.deb
      Size/MD5 checksum:   747546 125894cb5762503df22983895697ad5a
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge2_sparc.deb
      Size/MD5 checksum:  1441758 d1a84594180334347f17fd7bff0dad3b
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge2_sparc.deb
      Size/MD5 checksum:   151248 dca393d8688579270f35d31fc731b8cc
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge2_sparc.deb
      Size/MD5 checksum:   646070 f5375c053ef3cf8f517581ece10a1e86


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDTgNwW5ql+IAeqTIRAufxAKC3KDWIOjkNB2ge/6tSIWzK3ew7XQCgg3ef
rUkIAKPNTWNNM85iUDtl1rQ=
=HF/O
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- 漏洞信息 (F40637)

Debian Linux Security Advisory 862-1 (PacketStormID:F40637)
2005-10-12 00:00:00
Debian  security.debian.org
advisory,ruby
linux,debian
CVE-2005-2337
[点击下载]

Debian Security Advisory DSA 862-1 - Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 862-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
October 11th, 2005                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : ruby1.8
Vulnerability  : programming error
Problem type   : local
Debian-specific: no
CVE ID         : CAN-2005-2337
CERT advisory  : VU#160012
Debian Bug     : 332742

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the
object-oriented scripting language, that can cause illegal program
code to bypass the safe level and taint flag protections check and be
executed.  The following matrix lists the fixed versions in our
distributions:

          old stable (woody)    stable (sarge)     unstable (sid)
ruby        1.6.7-3woody5            n/a                n/a
ruby1.6        n/a              1.6.8-12sarge1        1.6.8-13
ruby1.8        n/a              1.8.2-7sarge2         1.8.3-1

We recommend that you upgrade your ruby packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1.dsc
      Size/MD5 checksum:      995 e613b3e49e65dd6001cf69b2d1dcd02a
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1.diff.gz
      Size/MD5 checksum:    77597 1501c9f27a55bc85d7acef46fe4c4cc6
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8.orig.tar.gz
      Size/MD5 checksum:  1022364 aa1e272added83a5206c565d62c9c8ed

  Architecture independent components:

    http://security.debian.org/pool/updates/main/r/ruby1.6/irb1.6_1.6.8-12sarge1_all.deb
      Size/MD5 checksum:   174586 2a9851bd0af6614dda24588455074ff1
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-elisp_1.6.8-12sarge1_all.deb
      Size/MD5 checksum:   152398 d695298a1a0a68502be9447e6bec21fd
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-examples_1.6.8-12sarge1_all.deb
      Size/MD5 checksum:   160090 36f37b50ac679829dd40a15c0dbc473a

  Alpha architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   146272 830999406560e426388906bed6fc32f0
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   144768 8cc291975b2028ffa664014e457aef51
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   146272 ed776465141513435c7acd651a515771
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   148336 1b77918342617fd5d4e0dedc925947b7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   144624 679c1efd1d5f72340204c5138c47a394
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   687886 f4ed9f39d03136054e133003d181811b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   726048 6872073af42d36e7c55cfe89ff80294d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   148838 a07c2f788d657792689d26a7eb7a0767
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   144750 c425a6f852f34a4ae36b9909abc39fe8
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   165262 3299987425ccde3d8c7d63e4c68a9419
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   178364 cdb82c24909c956502e7a164b8a5cfbf
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   159012 64269aef2e9ef5e41c6d4a685d698ef1
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum:   699520 cc9b4b545800d24736c0aa61eae7b7ed

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   145214 62f6775a96a52c992009e7ae78870857
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   144048 bc43d68ce732701e49e5f718ed3a1250
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   145600 4c1e65809496c716c402e8e36df61ff2
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   147742 2b4938f3482593cee9e2f2237771b085
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   144008 7f87c6d385866e425225ab2111922222
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   641870 fc06992c575a42ab7bec4c451e399b2b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   687588 12aa68b51a965709d07b66b2ae468fe7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   147486 849ab6e15f230955b3fe2811c4c5bbbe
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   144274 9e9e5e282235b023663377a922c12e8c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   164534 6ffe869fe587eeb8af0afa85e59ba04c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   178106 1c99808fc26ee57524b325f23bc954b7
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   158718 04e41efde4ff5bc65e318a329bc58a0e
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum:   576640 8ecc9bc9d98f5cc6252669cb4226a8d2

  ARM architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   144204 f1645645feb3afbdb4d2b05414338246
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   143178 d0f47d2993103dd0374f122bc9581acc
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   144118 0d292e323905542ace2fcff80ce7a96b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   147034 9c4e1e6234c99aaf9a5c6a7567cf0eaf
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   143214 2f9a1d7392f4404caec61be544212b58
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   616070 46cce24fb6f8517b44b5116f9fca82d8
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   657706 ad063f27e515e00fa054dae13afe3b0b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   146276 3c13f593a6b9105b37725133cc404f37
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   143842 92d5e50b479aafc91b1dbcaf9cc84630
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   163706 681543bf91f9e6cb3429f124946f81d0
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   178038 9ae24accb6bee6ce912f300cf220d465
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   158484 23481ba5c2c3fc25f08826dd44e3b3df
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum:   581472 f33a2034bb5834b388ff7a34b2eba076

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   144606 1c7f814e73111b9c7e278c646a493c9e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   143786 4422413479fb4ec1ff2a1ce539f6fa9a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   144840 9d920a52efe0ed2d9fff9f2e7e9e31d3
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   147172 b0fa56144fca3904cf94367256aa2958
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   143386 97620abbd856d284be4e11ccd70cfc30
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   616208 43df4e31f759d0693580601a419d46e8
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   669234 c53d3fd003fbe35bf5003b896905735b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   146982 9588d68679bc1436f1030275e63e66f1
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   143706 8d19c9b3e2c07eaf00fdafbd8966bf0c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   163964 5b4c2033f0f48bc922e90438c77785c5
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   178024 5fa725579a6d816aac3e4dd54fe5414d
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   158492 25bcbc16181918c7f3b20d90eeb8c61c
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum:   551580 d0fcca5bc2ff091a57fb8b2e2a89e6a7

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   148064 b14fa6d594e3c9f415075886c59efc91
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   146936 31e49c117bf65ddc43589d5bbd513c0a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   148966 990625da55b6e7209685a0f89e76f9ef
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   150416 d7108c6c559af7a6291619d1f732174c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   146798 c3f6984e76608a9b977e5836319ea0c1
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   820242 4ddff67147676d5cbc830b230c5b4402
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   874392 06b2241fbd41959490366790ff331313
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   153986 c5e2caa2d199e15525ebd5bb23a4c37b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   146256 70af049f3475c7a90743b265945202cf
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   167436 eeec3779c043bc4b4d7bffd0ae6d4b6c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   179064 b344581902e348080d335305164b70ff
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   159436 b4ed63ae8c85d96e7fb4b44f8d21a68d
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum:   761782 389aeb10ae44b9d25f40de130e2982de

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   146312 3e20478abb95835da131825bc2988b73
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   145254 4150ecda48bb95ec672a0acc8ed49d6d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   146752 7a88dd5c944d6b70a62771b756a52fea
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   148694 150a7aec78e0db67e91833bf8279ecfb
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   144862 a611079fc01763bd37a58d8aab20ba37
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   702356 28fc0e042bb8f2bc2069411ac0ba0f54
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   740460 a503abdabdfcf61969491ca7547e6b0e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   148658 55fc1849954f9cb974bbac9869e0077a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   145380 1bc8d041dc148f66847854cb6793a399
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   166084 e6eac2b99b584abe67612fedea626d42
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   178814 c5206bc7bbf8e308d365a05dc5a9c992
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   159076 31e740218b0084a74b8260e8dbf60f6f
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum:   650322 fcee80e774dfe9de2b278b2b8ffb2adc

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   144534 caffa585178c88b5fcf8fc214cb8308b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   143220 8e44dafd97bcf0a0f8afe93c0b01de27
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   144432 6b714c1ab2f0fa4071edb9deb465fe57
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   147360 ee206d81469da1c6f7736ac51845ba5f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   143474 bcee1f58c2ca9057c2a411a0740e0573
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   602716 24d9bd038d628c1db384bfb7aa4cd773
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   647806 971b47d4fae8ccb0f53f7e829ba0544f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   145680 3f5aad29b03a85dca9a4f72dbd44a5c6
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   144260 4dcb803b3ec95fef747d89ae4fae94fa
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   163888 751e9a821575b3c77232c3d35911f7af
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   178018 28fbfbe7376779ca8386891f930d6765
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   158428 3ec10442a3d8f8f28953f8e6924971d7
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum:   493178 a6d69685e82ebc824817822d88698cc9

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   144242 4f8ed87a6e2976008b08b7eabfff755f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   143152 cfc383910f43654f09b8ee6eeb2489ee
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   144340 2dbf9353884f300828f575fb21de190d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   147512 64c25b9a7e0c67d49b7790e6f171bdb4
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   143394 6ccdd3e605ea67f5e034033515c36225
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   626520 7c8b4354f567869f1372d7244fa38fcf
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   675786 796fca31a249c630afb9f062c07872fb
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   146698 70318712fdf70fd552440737766988f0
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   143686 8f47673723d2442b4d4f31949f2b5c82
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   163360 d7ac01193e37eb475ceb73d5497986e7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   178126 b1bd10d219f1865d50a416477425f835
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   159248 4e285dbfb07335958986f5c2d89707df
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum:   603820 d7fac4c7a792ee77f63215e9ba964348

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   144214 671e6ee5dadd9d1f17c8cadacc4a3fa0
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   143134 37278795594c78aa9d0149a75d0f2f07
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   144336 ab0fc506cd0e48174f03c103d82cc17c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   147442 034fca9d3ec1edcc7ea392b5a5f7b1dc
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   143336 f7f8a1c7939e76caa21b5a459711e588
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   626868 a07abe6c151ee0d6cbe68243ed67c772
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   669678 22fd298c6e8f937240f08a1267734853
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   146724 dc9f2c30aba80e93eed5c28f9c457b48
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   143676 687d27e46d90ba1f6230f9449b831f64
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   163300 5d04b6ad98189d3d33eda25e845d8983
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   178114 178a5a76059b4283296fdf3506fbd411
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   159234 ebd830bd191a2b57b303cd4386820fbe
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum:   597128 53bccd3908f546a3f7a0dee384a86160

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   146082 29d498883a7e119aaa7e2f4686a8a150
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   145600 2d7e763c8df7c32a43eea2d0b340d271
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   146624 53b861a0d56ca164448c7f54eedcc997
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   149280 e943df99c3446492674e72d9115b02a6
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   145264 903c6ab6388f3c8b789bdbb0c79c3cc1
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   650948 e0d59d1d6b367785e46b421de716a6ce
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   857840 0386239944c697c4795374c92b79b3ca
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   148638 446de38974e1ae8975b3690726b3cc46
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   145856 29bfa85722e178918c0af0736150a589
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   165454 4517c79531d330a4ca5017378e7e7d55
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   180046 14656cefb29bdc971d2868f16f91b296
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   160406 028694ae18a64e504b48882441118dec
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   554456 e6a2e7b958723c6db21d61aaadf4f57c

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   145594 6e4dd004f179021b0abc04becce5cb42
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   144478 450e600c71e9b02b230e9fd4b9cf1bd4
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   145884 e6366a34175091fa0a784639a82b24dc
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   148244 681cbb886fb1de22c0f62f716204e036
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   144452 185f29d21fec0491749ff76834bfe4a2
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   665724 910c194a43c021d7ea4225f880efe925
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   794702 b431c1c0c10697aa06a9e2635d86489d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   147978 3a6393d860d3bc3a83ba123a5e4d1646
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   144456 295ef46485f7192c12800cd576fa2f1c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   165022 131a76337cfc3b10bcef1154ace8db87
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   178322 066bc3fdc9add59974a853c742958898
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   158748 e4d4fefe7665e96d5c1cfc981a58ddb7
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum:   596304 f942722704b9a8f90228d03755b2cc9e

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   144338 5332edabace9de394a21fb16dd68fc00
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   143362 03b589c0a518b0f44e16cbe4361028f4
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   144576 acc39c3ba4b4bd2497732a3862ca957f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   147296 5a8c72ddd29daa72ff4c41d145b47e0a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   143426 eefa9293af5d7bc1a48230d7f99ad214
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   632062 4870dbbbc0eee377fd47e103eb709fd1
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   662146 3a3b701fc2ab97a5d8f3ce2163a85e38
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   146136 1c917b26ddca3363bb0dace0a88b118f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   144176 08d3ccecd5906ccb786d1f4cc357c876
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   164110 4ad811d916642b4c163fb15cb47553e3
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   178084 03ee561cda0e95ffc8aeae1273d3ce91
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   158504 ad024bd45125b917ad22eba95404d0a5
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum:   573712 4da39b6b64fbcd25256fd5d7e1ca1fe2


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDS2NNW5ql+IAeqTIRAo8nAJ92nuS7xRCkj/SZ7zUMiXOORjFuzQCdEKDz
KX9jy3sjkNA/f2FIjbw9xg4=
=laFa
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F40627)

Debian Linux Security Advisory 860-1 (PacketStormID:F40627)
2005-10-12 00:00:00
Debian  security.debian.org
advisory,ruby
linux,debian
CVE-2005-2337
[点击下载]

Debian Security Advisory DSA 860-1 - Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 860-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
October 11th, 2005                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : ruby
Vulnerability  : programming error
Problem type   : local
Debian-specific: no
CVE ID         : CAN-2005-2337
CERT advisory  : VU#160012
Debian Bug     : 332742

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the
object-oriented scripting language, that can cause illegal program
code to bypass the safe level and taint flag protections check and be
executed.  The following matrix lists the fixed versions in our
distributions:

          old stable (woody)    stable (sarge)     unstable (sid)
ruby        1.6.7-3woody5            n/a                n/a
ruby1.6        n/a              1.6.8-12sarge1        1.6.8-13
ruby1.8        n/a              1.8.2-7sarge2         1.8.3-1

We recommend that you upgrade your ruby packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5.dsc
      Size/MD5 checksum:      952 551966d3fda510ab6609efc34d6bd8c3
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5.diff.gz
      Size/MD5 checksum:    45214 d4c661766b9dc68b5d242b132aacbf71
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7.orig.tar.gz
      Size/MD5 checksum:   996835 a8859c679ee9acbfdf5056cdf26fcad3

  Architecture independent components:

    http://security.debian.org/pool/updates/main/r/ruby/irb_1.6.7-3woody5_all.deb
      Size/MD5 checksum:    51388 bdec8679bf80535ec7a3bbd49c4ed6e1
    http://security.debian.org/pool/updates/main/r/ruby/ruby-elisp_1.6.7-3woody5_all.deb
      Size/MD5 checksum:    30438 b172a832ca173372ababd59babf102cc
    http://security.debian.org/pool/updates/main/r/ruby/ruby-examples_1.6.7-3woody5_all.deb
      Size/MD5 checksum:    38018 4bb23549b9b4981886f37d70aa028993

  Alpha architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   129594 5addf6eb42dde52eea7e0b7e0951be94
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   128700 16024eb4c9d88b3c1880a4f8bf792efc
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   130080 ac62e8e089060e2cd737840ad77ab271
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   134978 4e0df5a3e650ee59f755b3bf58c7d572
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   132018 aa03506125ab54056057d27a61af202e
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   128584 ed5002f3927814c0e08ab5f85d6ba9e5
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   644604 db64bd84fd323881f465a49d3179ff14
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   132470 802403def99ca35d674d808192cd146e
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   129070 6450e83dcf8c4ba3d794a04f1379b323
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   147602 d09ddb9cecb955a56fb7c42f4349b57f
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   161582 cd611b93c6e4220d0ffff99fb2556618
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   142760 3622426c392f9fca540ff1a44d5deed1
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum:   626082 e08e2e93602ac95abd45833a2eb92821

  ARM architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   128584 43c7e57f3a4f5e594221d4bf4c7dfb7f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   127460 2eda8af9bb8b722d0e6bd1b50ad89f4d
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   128420 f01f4da2eb89ec6c6ffd50c461177ffc
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   134588 bf7ac7c6d01120e64bb4cb35aa9f3f5a
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   131328 216e67b0e333c046fadc659b6ff4c397
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   127470 b116cc920991c4188ec2226c39af1002
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   602774 b9ff70c418ddbf3b1b620301b4c36c56
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   130602 f2aaadd527b7daede43307e158f283dc
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   128296 18492115821c42676e3d8a78e5db009e
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   146828 535237cacf1940c3ebc7de247d113abc
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   161390 ab9a10b1778b37db459addc5de1e4566
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   142410 204b041fff5bd5bc6e1bd294ae2bc892
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_arm.deb
      Size/MD5 checksum:   572716 e026e5c3452b42d455a2eec4d165d79e

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   128068 08725c4eb2ed019492b0341dd0a5330d
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   127282 32a6e3ef5466ce4731d36461eaa17972
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   128072 2755301286c11c942d990d4700df4d7f
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   132820 16f1188a52b0066c782aac16d0066b2c
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   131126 98f642c1695aa85660e01b85da94221b
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   127234 425551af222de3aafefa24abbac7562b
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   561442 6711cd3d3dfa633741763af9a937aa23
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   130096 522ad7b8d2d01afc5967df01590945e8
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   127540 17b99f9bb7656a84da6291d98de82d99
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   146466 718cc8a23c00a6c17551e8cc32a635e3
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   161430 86da7a51ab1d8670d0ba975b63a17599
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   142466 4c09dee6dca063b3a3129fba9ec5e2ff
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_i386.deb
      Size/MD5 checksum:   492656 870934b923271ea29f4dcd6d301a7230

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   133220 e79b7c824bf1b4d35fd32fe9f7fa792b
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   132740 c4542e3a1b6e042f44b18c1aa1acc1f8
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   134746 0caff55bf479b72a3955225f8a0554b7
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   139956 845ddc646096f8b83c2b7a17349eadb5
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   134108 c2c54195aa3afde5240bb700495e431f
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   131684 0d2bce7ea27bb42c04c5e57c9d427eba
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   854376 f9bbc7a3e2c24e5feea248d83a33cf45
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   140440 65338e07df3a04450a3ce77b56e349e6
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   130830 2f798f1dd5d1bab5430e053886f16f1a
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   150428 f9a529ac7f458e2a8b955cf045ede5ef
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   162432 f0faff2a31be069bc3725d91e3dfcf5e
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   143282 84ccf19fff6e067abacdeee5b53cfd62
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum:   755134 39d4e135ed7d41d7cf36c02fc65e40d8

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   130620 18824711592d38afb46c3bbe88b7000d
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   129342 b7604fa4086a3a2c087d22fce52d6926
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   130844 df54e9181c4cdb66b1eb3004757ed615
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   136100 66fa8cd3f735d490ac744ee8c8e065cc
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   132326 d7041eef1502d1f03800f36bf07c5d31
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   128682 153364a5308c6297d8ab052f58aede17
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   686092 c8c31e0dfd459134f4483c25ecb1605e
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   133000 e835d5bea37629a7c030f41f7727bd30
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   129138 fa5bd080276b3420e65e18dbf28b58db
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   148062 5438497f33bf13a89763ffcfad7e8307
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   161918 6a134229fe5bd8805a7eb1fb9f70fb7b
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   142682 ad86a668a0fdce652f82ecbc860642d4
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum:   667184 75525766980d720ef9466dc5084f0aad

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   128462 8b53b52b9d172ec8a4c2ca273ad2e50c
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   127274 22ea934d90e831ecb7301f770e4d4e4c
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   128422 b481bb5dbf7d8a93d564bf8ce2d3c8c9
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   132854 0762b8fd6b1a854cc8f8019cea72a4be
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   131388 17cbfe8113ded65e73296458b6c55e43
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   127460 b57b7ce7916bd449155859a12d5f36e3
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   561566 20c1f429ce0801de8fbccc42af9070fe
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   129810 a2a33ad6f2e99e2b02bf2a54bab0e639
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   128268 063cfc2ede7a7ddd2c468af73c241a84
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   146694 2a19f465b91bb3437c8af442c59e6421
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   161466 649623cc5642cd95376dbd79c0f07526
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   142414 c232d7bb1658e342ee111eacb36174bc
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum:   470866 59c178ae18b0b24f68ac9604251e3002

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   128320 aefd47e6723cc63ff4fbf7362c149c8f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   126996 a7cf134385bb6b9f4c7816efce108b75
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   128158 8e41685e563713c121ccbc4bf402d9db
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   133776 f58298154540c36c03034ec05fa47197
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   131022 981dbeab5f95af5fbd03701d33dc78f9
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   127268 00fb08327c8ec736425ac8bbb8a59602
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   581962 ae286a7d6af2b63c32e5c83221e037a3
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   130500 61ed7a947ed21291986c550e582e7893
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   127880 df2365ad710056bf5adf583599553769
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   146632 f14e29848521e87c99eb831fa38aeaea
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   161494 91f17ebfc8f2312ccd8de4b48f044fc5
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   142794 6158778b805819770ae450c7be6cc636
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_mips.deb
      Size/MD5 checksum:   587476 56e3a663bed556c62245f44fb842a260

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   128270 51cdcfce40d81d6638dc5911a53af74f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   127010 0a920aa47f080a9b7a013d9be6c4893d
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   128170 6754cef3b431913af6beadc9d6b5c992
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   133782 c12e182534e982c17748052456d2c63b
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   130994 30c478fdee5b2b816f5cde1de1c9ce9a
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   127204 e3d3b6570b9e466cb00422894b89f272
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   581506 b440b99e2f4e22def3fb16acb53c2789
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   130492 61b91e3644804b7930ef242bd7eaec00
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   127860 b79131a39645af7ff39d28a46caf2281
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   146560 9217697a7f9d61e8fa7afde70b05cb46
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   161480 e2fd66dc33a7fef5774c0e9e206439b1
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   142794 24f322a483564685309ec237564cb6d5
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum:   578040 a3e73feefcefc2ba5a395d22988465ed

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   128440 4aab33c5e3b67bb9587157ee92d54b59
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   127652 43cea2b0744fb18d534a198ab378e56b
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   128736 be8c8a5e89f4869b0cfb7fe2f459c0e0
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   134484 41b2c0ac000cf39c6939044be278c901
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   131380 9a9768cbd57fea5ffd213b5e3704477b
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   127538 fd92851b186db9671b9f7ca5ae45becf
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   607244 d8708b9ace56768e8d0f04fdaa73383d
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   130610 ca66d341fa806e4134f28651d268a303
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   128350 a15ae783638e26b5a8e304e1e5604ab5
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   147064 91ca064abd335e40f9f4e78938031a06
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   161490 0789a5a2db577b8a5e4f382ee021df5d
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   142502 2985b64774c866d8ea9d696caec05d2d
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum:   529288 f1524421a9e6dc8e6923f75bfc8f7db5

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   128658 5e577aab56fda2c047e3dba9339c68e0
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   127854 4339a54fcc69ea122b828823780f9898
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   128914 81334959c6f199176b33f21dd7e78554
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   133690 9dc2189e5874e459739a644add67adc6
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   131850 8579274c8888e4a1d6fba0dd19118242
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   127940 087559fad36518eeb6fd44a01ed912c4
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   600770 3eeca259d6d6e5daf060048ae1c8c519
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   130864 d2a839f6b33c2e7020218fd23ac7f6a1
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   127924 72df0f116934d714d32def89277a970a
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   147222 e6778fca82f71b5d43fb03d4cbb03fe9
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   161560 668c35f9c33acdd9f3a994a0bc927d1a
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   142670 ae3246594cfa2e3285bcd636f984386f
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_s390.deb
      Size/MD5 checksum:   532308 445a8016212e5b787625097127b4a1a4

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   128412 87c7feb58f11785c1af6f9a51d987a2f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   127468 c34d8ed252a8d1ef5051a17e3fbd743e
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   128918 b24361084a9998be8f7fb84393221c19
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   134320 9015a2988d0f5305d996f5fb387f2bc4
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   131362 8272893400574f4f0934f2b04072ce09
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   127438 0b36fe5c0f86ba2334cc91013f366688
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   603136 07188840adfada3ac0af455668f7a908
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   130212 8d41c72d9695b44afe1e67369fd1ce46
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   128284 3be2192cc38ab41907c7a2331069b286
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   146774 3f65f580c669efb932f31411b58c4c4c
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   161528 76ca94791c147efc9a7beb85c526cfdf
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   142452 a606854f0cf791b868b2821d4bed54f2
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum:   561276 e1e23af9f2a36746bdcdf5f8e24769b6


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDS0W7W5ql+IAeqTIRAoxtAJ0fYARfEkdlA288FaP2mFSGpyk/LACgnu8N
iWhgyA6ooPPZWzoX1z/26xI=
=QIsl
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F40565)

Ubuntu Security Notice 195-1 (PacketStormID:F40565)
2005-10-11 00:00:00
Ubuntu  security.ubuntu.com
advisory,ruby
linux,ubuntu
CVE-2005-2337
[点击下载]

Ubuntu Security Notice USN-195-1 - The object oriented scripting language Ruby supports safely executing untrusted code with two mechanisms: safe level and taint flag on objects. Dr. Yutaka Oiwa discovered a vulnerability that allows Ruby methods to bypass these mechanisms. In systems which use this feature, this could be exploited to execute Ruby code beyond the restrictions specified in each safe level.

===========================================================
Ubuntu Security Notice USN-195-1	   October 10, 2005
ruby1.8 vulnerability
CAN-2005-2337
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

ruby1.8

The problem can be corrected by upgrading the affected package to
version 1.8.1+1.8.2pre2-3ubuntu0.3 (for Ubuntu 4.10), or
1.8.1+1.8.2pre4-1ubuntu0.2 (for Ubuntu 5.04).  In general, a standard
system upgrade is sufficient to effect the necessary changes.
However, if you have permanently running server applications which are
implemented in Ruby and use "safe levels", you need to restart them.

Details follow:

The object oriented scripting language Ruby supports safely executing
untrusted code with two mechanisms: safe level and taint flag on
objects. Dr. Yutaka Oiwa discovered a vulnerability that allows
Ruby methods to bypass these mechanisms. In systems which use this
feature, this could be exploited to execute Ruby code beyond the
restrictions specified in each safe level.


Updated packages for Ubuntu 4.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3.diff.gz
      Size/MD5:   156490 f1be7b39e8042635e734a0590a7bcbdb
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3.dsc
      Size/MD5:     1409 4635828deaeea5e68310a50bf652013c
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2.orig.tar.gz
      Size/MD5:  3438795 2a03d56781fb19e5dd967b0d5b394f84

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   127578 c3ea1de46c01906fd5d208f3a5aade44
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdrb-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   110012 905104bf208834a6404ce45ed96c42f2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/liberb-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:    90288 6213de5979d2220f3702e386495ff716
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/librexml-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   147416 3b6a5ed5d5972fb70fc2b005da3dfded
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsoap-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   190040 0553f90b4302312370fa902c8f75db9f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtest-unit-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   113002 7eecef0c3e91929ebfa85cc176c27c9e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libwebrick-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   117296 66392d2040bc47831325f8a39caba5d9
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libxmlrpc-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   108112 e1a4d343ffa8160dd17f1a520ca3babe
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   192992 c8881811daba95528838b23ad9d6e65d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   394692 86819c24811d378048c50fd071643fae
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   103708 f451541eb1d71511528ceac5d59e4e0a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.1+1.8.2pre2-3ubuntu0.3_all.deb
      Size/MD5:   114192 5ecc8e19f6a2483317bff32f69a8f19d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   131808 4690a8ee0a72531ed302cd5f1e7ca049
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   103878 209716e76348375a0bc6b8824c14efaa
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:    96594 dfecd0a8b971fb1a202e455e2fa6ea6f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   130262 1f4df07f609b6a8166ab77ed904e9414
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:    97902 dbb8573f38e7d5a4bae424ead130a301
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:    92160 918c948fcebbf29de2cc592aa766f23d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   191392 16d8051062e00c6ba76ef14fd8ff8d9c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:    95434 4ba7d2e44486592e681a3870f6dde2bc
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:    95036 182f500af3d1a78ad45921374b75e314
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:    93824 8a4b66bfefa6f964cc25dacee8ef4289
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   728858 b0cba202c942dc8b74a75a5701c301fa
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   810054 b5708f616d7be8d2d3bdcd3b94cc587d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:    99368 08ec8541d84eefed2a11b6212b1001c2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:    92866 75027adb0279916c9c5f9f41cef24ccb
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:    93060 cd3430aef80f2a4b5016f25a75ba7e6b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   146124 677fb65c898c62ffcec326a9b429d6e9
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:  1097124 984dc9d73a59e62f97644546ca5d671e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   140484 a30f0ea3372e002d17c4f39c84347989
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   108576 2e00a804ea8b4ecc0046d98774c4ad85
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   599924 80c6ef07cb1bd4e9201b33ec7586e93c
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_amd64.deb
      Size/MD5:   109912 0ca8ff901e3c17326bfb9fed190b418b

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   129700 8f1e0603f7410b147e2d3e000ce2f494
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   101864 ef1618201fd16236549f5862a38c084c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:    96036 6b8bd26a843f70214b450b3b74c37bd5
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   126832 0c0aaad32d078db4e32632f3e358a570
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:    97036 ba4fbc0a9704d0b311d82d4b223f9f24
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:    91690 6849f4d24a8ef5ac1938cfd522143dea
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   179864 af13d4bfa9942a478aa0eeefb942195a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:    95052 d400aea0d3a50c3304f0eecd7e1d1a7b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:    94430 521ae88d15ee2fae55a2651097e68e9b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:    92882 f957cc8228817dea80391db9a314b936
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   690426 ed9acbdae3c0db48291682d91e009add
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   767008 6d664f1eff79e999c7ed4e034bf094d1
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:    98598 edb1f9032d979efb3a3eb83c48f654f7
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:    91796 b39a714533c41ed59895425119a35e15
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:    92392 e0c10d23f1c6293ae0948ba82d7907bf
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   142684 5c17131679bee5f91fdc56fa383563e3
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:  1095274 95d21b2a884ea2d7e66fe94c5d2cc4a6
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   137940 09aa8f64cc44666505874f8c3685cb76
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   106790 757dcf65c98f6bac360aecd809bbbda2
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   559250 4acd90d26f3a69b014bcfa479ec12542
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_i386.deb
      Size/MD5:   109684 ed8bc959798a836fdea923ec2bf51b3f

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   134700 de99718dcf7fa26b3586bb092e186958
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   105012 e23514d59f266fb05f0ab7485444157c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:    97822 11ec7a032f3ae49273893a9b45d8bd19
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   128710 5ec5baa47ecd77f04dafa5d32a210ecf
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:    98904 2b7aa6f057d95aec6610850dc4806bf5
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:    93438 52a24cd241ce965171becb081239b092
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   183114 85506e931a3eebaf94122ba9e56cd568
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:    96760 227733995158faa945eeb40a5e14ad8e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:    96342 eb138681d87b96b7fc0a099e957c82f5
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:    94910 b5ae75526c47b64c0518164df3896cbd
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   716438 2a65cc37995c61a302e70331019d4eee
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   814334 12d1499f45dc7ae587b60391c758c719
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   100712 a3253522a2c73b4e9d47342a9c90b577
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:    94084 5940dbb630131a7297369e7a6c07dba7
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:    94676 348733b3fe01d2a5ed00086e383693c7
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   145262 c1b54b13241a4f3bed2fd652792c5018
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:  1098428 bf39bee621b15c9e3e66d44afed35449
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   138286 b59bcf879e177414c8af91448128eb11
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   109226 c01638337ad80b958383104a407413af
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   572038 5cdf959995cf360f54c1a07044fffe7b
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.3_powerpc.deb
      Size/MD5:   111598 abf2eb4c0b2c9d2e8c5d78adfbd27b14

Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2.diff.gz
      Size/MD5:    34356 3d74c727602eccd4675923c662bf0721
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2.dsc
      Size/MD5:     1408 cf744f42d44a55a9f069ed89b5d03aff
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4.orig.tar.gz
      Size/MD5:  3598517 1bf195093ed5279412f1047f70fafded

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   149080 45165d0d3f1b0b47a83681bce3a39a8e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdrb-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   131842 477e4a9a6c38d4f7e26d5d63d0445c45
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/liberb-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   115660 06f0c195417eb2125ede4327641a1b74
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/librexml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   168846 b6ee48767469beec068ce6ad1d22838c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsoap-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   217460 439eb3ff9c81e97e010cc09ebfe2a927
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtest-unit-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   134622 24c369e0bf4a333db0fa90e12ba4a202
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libwebrick-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   140028 8608a5bb4d9e3b341c326e752bbb29b4
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libxmlrpc-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   129586 1f5bf319cd8dfd37784154f1474a402b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   216270 10d3b3ef31944f4f29b4f8e27233e5ec
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   440916 cf2ea5d565631e867a8293c4c859e654
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   125376 818c6ced473eaddfa3516ab3b3830b55
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.1+1.8.2pre4-1ubuntu0.2_all.deb
      Size/MD5:   134854 8f7731377189f074de54d2b277c460b2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   152884 58766e1dd140cf343517b22f2d267089
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   125390 866a10c9c0a5e9dacdabac8d0c954a1b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   117992 d62eaaece9342c6f7d82c04d08ed32f2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   151836 817aa125ab886943fc982d17267c372d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   119546 e3c5f9c5ba4f562306f80f3b089a3c1d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   113506 8237326c4343b1707b4c538c15425030
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   214570 2516a0b10d64c5ea2b7ac52a59a3d9f6
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   116712 732aa9829e0dcfd504dea5159218d2e6
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   116522 b0b1685ec651c0fa2a8964ed9d39249c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   115332 3f9e2afd39aa551795dcafc37b456f74
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   759322 ad5d64771cc997d667597b675177888a
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   900278 41e995a071ce0457e38e268e02277e52
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   121354 fa2712afcd41d610bf0217ce9a0a838d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   114234 686d3651aa37efbd25b0af419ed40e77
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   114400 63f1daf24149c6c547e862aa2c193e60
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   171602 d186aca0c959a0ea30fe28eea903f432
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:  1142120 c336904edace6be0ba06c1686a444400
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   161886 212267234c3c3cb28b8217be4a0f85a1
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   130324 ed1080bed414dc5c49972fc0b271f626
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   626376 bf0be1e9e1cf6f7b92533aa0b469ab92
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_amd64.deb
      Size/MD5:   131278 d32baf2eb6c27893c4ad7433449034ee

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   151074 f44f69bf344fda41277aa97949bbb6be
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   123442 23205ce3a0a1b396249e1aea60fd891e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   117410 c70162d88d551d540ee5b69bec9465c1
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   148168 c7f72f66e93e51195869b120fed6f026
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   118496 0f3aab9db026614e9d66c55c1ceeaf0b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   113050 944ecf8e229bc33d06dfa59dbe8f9215
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   202794 7f48abf50e4964c217d747ae1d3c7edd
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   116330 fa2a44c55a23449e1c53480164ccc783
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   115792 8c7e91371ae7149a54b666d28b7190df
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   114518 367527497590e8027ab5bfd13602fb85
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   718916 0514dbc2cfde25a28b953246a9a5ea96
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   855714 a021c36d89ca8381be5219bbdbb96711
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   120498 70910c9a6b13480421736d71c98fe718
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   113156 66596c978c3af59ad9591adceef96890
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   113858 b5898ec578eadb35ecf9a8e026ee892a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   167854 ef588440849b9426932eb22bd0cbf0de
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:  1141948 334258ab6a4b52b586da1bee38e23e6f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   159432 c4a8a4c9d6e71b4cb952f3c1c5d90b0c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   128510 e553f6aadec49befd6fb6c964c7ab5ee
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   585020 4114401d311337156cab3d438295167a
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_i386.deb
      Size/MD5:   131034 3a3a54172b0ce00d1c380182d3feb038

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   155498 f5ff96952ad45e17062bcbcef5392fe1
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   126552 69fe414b396face9bc9c8bec43d0f36b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   119448 2b7fe98aeed9fec46133c1852ad07709
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   150334 8006bcc96513afd9552fbfe42469414e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   120576 389a7c095c212916eed2e3c44fa93eec
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   114844 f3fb346cf44e69faa0582184fa37e6c9
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   205932 2eac0b3eb17cbfa367542ef2806976e0
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   117948 af17d7489da32f284afb128abef684db
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   117838 89e2a5929b27532417a023236ddfd4d8
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   116418 11bce7ec838590b3536b229b503ea5e8
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   949180 882bd22995f423ee50e46d694416d009
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   909626 f828b4832db79f35bd725cb7b1494013
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   122630 7c70a0c298b8b40004884b19ebff7317
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   115466 c1de80af4ad0e89714b11e3d8f3fd16b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   115918 8b42651342af0859964438382d04245d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   170378 e2edd40199dba925ad75519809bb6c59
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:  1142514 cdbdb2b49e0001a8aadf09562e447522
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   159780 315b48dd39dcd349d74e3552af46365f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   131078 45fb47bd9ffb9dd44b6d4614d00d4e19
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   598010 915c351d5367c5e7ad8751a5e32c0f3b
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.2_powerpc.deb
      Size/MD5:   132950 cd56ac9001a49499ee9795f6aa4d118c
    

- 漏洞信息 (F40482)

Gentoo Linux Security Advisory 200510-5 (PacketStormID:F40482)
2005-10-07 00:00:00
Gentoo  security.gentoo.org
advisory,ruby
linux,gentoo
CVE-2005-2337
[点击下载]

Gentoo Linux Security Advisory GLSA 200510-05 - Dr. Yutaka Oiwa discovered that Ruby fails to properly enforce safe level protections. Versions less than 1.8.3 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200510-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Ruby: Security bypass vulnerability
      Date: October 06, 2005
      Bugs: #106996
        ID: 200510-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Ruby is vulnerable to a security bypass of the safe level mechanism.

Background
==========

Ruby is an interpreted scripting language for quick and easy
object-oriented programming. Ruby supports the safe execution of
untrusted code using a safe level and taint flag mechanism.

Affected packages
=================

    -------------------------------------------------------------------
     Package        /  Vulnerable  /                        Unaffected
    -------------------------------------------------------------------
  1  dev-lang/ruby       < 1.8.3                              >= 1.8.3

Description
===========

Dr. Yutaka Oiwa discovered that Ruby fails to properly enforce safe
level protections.

Impact
======

An attacker could exploit this vulnerability to execute arbitrary code
beyond the restrictions specified in each safe level.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Ruby users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.8.3"

References
==========

  [ 1 ] CAN-2005-2337
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2337
  [ 2 ] Ruby release announcement
        http://www.ruby-lang.org/en/20051003.html

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200510-05.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0
    

- 漏洞信息

19610
Ruby eval.c safe_level Restriction Bypass

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-09-22 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.8.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Yukihiro Matsumoto Ruby SAFE Level Restriction Bypass Vulnerability
Design Error 14909
Yes Yes
2005-09-22 12:00:00 2009-07-12 05:06:00
The original reporter of this issue is currently unknown.

- 受影响的程序版本

Yukihiro Matsumoto Ruby 1.8.2 pre3
+ Gentoo Linux
Yukihiro Matsumoto Ruby 1.8.2 pre2
Yukihiro Matsumoto Ruby 1.8.2 pre1
Yukihiro Matsumoto Ruby 1.8.2
+ Red Hat Fedora Core4
+ Red Hat Fedora Core3
Yukihiro Matsumoto Ruby 1.8.1
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
Yukihiro Matsumoto Ruby 1.8
+ Red Hat Fedora Core3
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Yukihiro Matsumoto Ruby 1.6.8
Yukihiro Matsumoto Ruby 1.6.7
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Yukihiro Matsumoto Ruby 1.6
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SGI Advanced Linux Environment 3.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Professional 8.2
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Conectiva Linux 10.0
Yukihiro Matsumoto Ruby 1.8.3

- 不受影响的程序版本

Yukihiro Matsumoto Ruby 1.8.3

- 漏洞讨论

Ruby is susceptible to a SAFE level restriction-bypass vulnerability. This issue is due to a flaw in the logic that implements the SAFE level checks.

This issue allows attackers to bypass the expected SAFE level restrictions, possibly allowing them to execute unauthorized script code in the context of affected applications.

The specific impact of this issue depends on the implementation of scripts that use SAFE level security checks.

Ruby versions prior to 1.8.3 are vulnerable to this issue.

- 漏洞利用

An exploit is not required.

- 解决方案

The vendor has released Ruby 1.8.3, along with a patch to address this issue in Ruby version 1.6.8. Please see the referenced vendor advisories for more information and fixes.


Yukihiro Matsumoto Ruby 1.6.7

Yukihiro Matsumoto Ruby 1.6.8

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站