CVE-2006-3694
CVSS6.4
发布时间 :2006-07-21 10:03:00
修订时间 :2011-03-07 21:39:14
NMCOPS    

[原文]Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".


[CNNVD]Yukihiro Matsumoto Ruby多个SAFE等级限制绕过漏洞(CNNVD-200607-328)

        Ruby 1.8.5之前版本存在多个未明漏洞。远程攻击者可以借助与(1)alias函数和(2)"目录操作"有关的未明向量,绕过"安全等级"检查。

- CVSS (基础分值)

CVSS分值: 6.4 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:yukihiro_matsumoto:ruby:1.8.4
cpe:/a:yukihiro_matsumoto:ruby:1.8.3
cpe:/a:yukihiro_matsumoto:ruby:1.8.2

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:9983Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors invol...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3694
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200607-328
(官方数据源) CNNVD

- 其它链接及资源

http://www.ubuntu.com/usn/usn-325-1
(PATCH)  UBUNTU  USN-325-1
http://www.securityfocus.com/bid/18944
(PATCH)  BID  18944
http://www.redhat.com/support/errata/RHSA-2006-0604.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2006:0604
http://www.debian.org/security/2006/dsa-1139
(VENDOR_ADVISORY)  DEBIAN  DSA-1139
http://secunia.com/advisories/21337
(VENDOR_ADVISORY)  SECUNIA  21337
http://secunia.com/advisories/21272
(VENDOR_ADVISORY)  SECUNIA  21272
http://secunia.com/advisories/21236
(VENDOR_ADVISORY)  SECUNIA  21236
http://secunia.com/advisories/21233
(VENDOR_ADVISORY)  SECUNIA  21233
http://secunia.com/advisories/21009
(VENDOR_ADVISORY)  SECUNIA  21009
http://xforce.iss.net/xforce/xfdb/27725
(UNKNOWN)  XF  ruby-alias-directory-security-bypass(27725)
http://www.vupen.com/english/advisories/2006/2760
(UNKNOWN)  VUPEN  ADV-2006-2760
http://www.osvdb.org/27145
(UNKNOWN)  OSVDB  27145
http://www.osvdb.org/27144
(UNKNOWN)  OSVDB  27144
http://www.novell.com/linux/security/advisories/2006_21_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2006:021
http://www.mandriva.com/security/advisories?name=MDKSA-2006:134
(UNKNOWN)  MANDRIVA  MDKSA-2006:134
http://www.debian.org/security/2006/dsa-1157
(UNKNOWN)  DEBIAN  DSA-1157
http://secunia.com/advisories/21749
(UNKNOWN)  SECUNIA  21749
http://secunia.com/advisories/21657
(UNKNOWN)  SECUNIA  21657
http://secunia.com/advisories/21598
(UNKNOWN)  SECUNIA  21598
http://lists.freebsd.org/pipermail/freebsd-security/2006-July/003915.html
(UNKNOWN)  MLIST  [freebsd-security] 20060730 Ruby vulnerability?
http://lists.freebsd.org/pipermail/freebsd-security/2006-July/003907.html
(UNKNOWN)  MLIST  [freebsd-security] 20060728 Ruby vulnerability?
http://jvn.jp/jp/JVN%2383768862/index.html
(UNKNOWN)  JVN  JVN#83768862
http://jvn.jp/jp/JVN%2313947696/index.html
(UNKNOWN)  JVN  JVN#13947696
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
(UNKNOWN)  SGI  20060801-01-P

- 漏洞信息

Yukihiro Matsumoto Ruby多个SAFE等级限制绕过漏洞
中危 设计错误
2006-07-21 00:00:00 2006-08-15 00:00:00
远程  
        Ruby 1.8.5之前版本存在多个未明漏洞。远程攻击者可以借助与(1)alias函数和(2)"目录操作"有关的未明向量,绕过"安全等级"检查。

- 公告与补丁

        
        
        Yukihiro Matsumoto Ruby 1.6
        

- 漏洞信息 (F49489)

Debian Linux Security Advisory 1157-1 (PacketStormID:F49489)
2006-08-28 00:00:00
Debian  debian.org
advisory,denial of service,vulnerability,ruby
linux,debian
CVE-2006-3694,CVE-2006-1931
[点击下载]

Debian Security Advisory 1157-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to the bypass of security restrictions or denial of service.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1157-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
August 27th, 2006                       http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : ruby1.8
Vulnerability  : several
Problem-Type   : local/remote
Debian-specific: no
CVE ID         : CVE-2006-3694 CVE-2006-1931
Debian Bug     : 378029 365520

Several vulnerabilities have been discovered in the interpreter for the
Ruby language, which may lead to the bypass of security restrictions or
denial of service. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2006-1931

    It was discovered that the use of blocking sockets can lead to denial
    of service.

CVE-2006-3964

    It was discovered that Ruby does not properly maintain "safe levels"
    for aliasing, directory accesses and regular expressions, which might
    lead to a bypass of security restrictions.

For the stable distribution (sarge) these problem have been fixed in
version 1.8.2-7sarge4.

For the stable distribution (sarge) these problem have been fixed in
version 1.8.4-3.

We recommend that you upgrade your Ruby packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4.dsc
      Size/MD5 checksum:     1024 0f42db3f568c8a28797041bc76742a7b
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4.diff.gz
      Size/MD5 checksum:   535830 da280b20362a19963108500d237c3a8f
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2.orig.tar.gz
      Size/MD5 checksum:  3623780 4bc5254bec262d18cf1ceef03aae8bdf

  Architecture independent components:

    http://security.debian.org/pool/updates/main/r/ruby1.8/irb1.8_1.8.2-7sarge4_all.deb
      Size/MD5 checksum:   166472 c82c13c986fda2d4e64c72cf3e368ca6
    http://security.debian.org/pool/updates/main/r/ruby1.8/rdoc1.8_1.8.2-7sarge4_all.deb
      Size/MD5 checksum:   234400 f40e4c9ddff692869af976134de0704a
    http://security.debian.org/pool/updates/main/r/ruby1.8/ri1.8_1.8.2-7sarge4_all.deb
      Size/MD5 checksum:   704702 094e28cb85bcf7804cd7eeb84cff6e1f
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-elisp_1.8.2-7sarge4_all.deb
      Size/MD5 checksum:   142548 dc06a6a0d4ae14b04ea3b21b92e66997
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-examples_1.8.2-7sarge4_all.deb
      Size/MD5 checksum:   216598 603b6d3361826f30226b7b8b1f2a9c93

  Alpha architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_alpha.deb
      Size/MD5 checksum:   136026 807f7fda3208e977b2bffdf649bd2166
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_alpha.deb
      Size/MD5 checksum:   137576 d858c25b2b1390a9fe888af573176c1b
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_alpha.deb
      Size/MD5 checksum:   237652 adde3854460982f99debe4d0dd4e3611
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_alpha.deb
      Size/MD5 checksum:   133486 dc5240098ab298aa839d5b8953f06336
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_alpha.deb
      Size/MD5 checksum:  1468512 7f23445d54c15533296abc18317f3d6e
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_alpha.deb
      Size/MD5 checksum:   827130 7ec4b9f408ede065e8cc4fe77c7aa1aa
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_alpha.deb
      Size/MD5 checksum:  1450272 04aa5f52204fb26ac63fbac27101f9cc
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_alpha.deb
      Size/MD5 checksum:   152018 8aa3bb2213a4e9bc7f53ce250676edaf
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_alpha.deb
      Size/MD5 checksum:   796146 38ebfeb190ebd27bd3230ae155e3afdc

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_amd64.deb
      Size/MD5 checksum:   135380 dcd3a9b7ed2debe1192eafd811cc2a30
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_amd64.deb
      Size/MD5 checksum:   136864 972f42e18a6455acdf0ed0e45e3fe7e3
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_amd64.deb
      Size/MD5 checksum:   234106 34413e0afb46cb5d577e8baef662a63e
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_amd64.deb
      Size/MD5 checksum:   132698 e951c72555b76c479b70a6110c8993d2
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_amd64.deb
      Size/MD5 checksum:  1392474 6110d5660508195defca1dd1f65477da
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_amd64.deb
      Size/MD5 checksum:   780828 23c14bdfef75c3dfe0fd32914e74cd37
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_amd64.deb
      Size/MD5 checksum:  1446784 aa3b824ba6533e9b1ce9ecfdf84f401e
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_amd64.deb
      Size/MD5 checksum:   151690 f787d84515ecf0b3cbba386a242deb37
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_amd64.deb
      Size/MD5 checksum:   649210 1f3dea3652f874a9cb3cbb4cc6d77ba1

  ARM architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_arm.deb
      Size/MD5 checksum:   134428 4a362966ed1ad169e878c6408dcd48e7
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_arm.deb
      Size/MD5 checksum:   135530 43c141fd022dd720e0463990be7c15d0
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_arm.deb
      Size/MD5 checksum:   222454 b9d6211eaad9a7247e32dfa7836e6c83
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_arm.deb
      Size/MD5 checksum:   131800 8c52d291f37faa0a38863c3a1f8eb284
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_arm.deb
      Size/MD5 checksum:  1348400 2c4390fcc2f207187b7978cf6b5925f7
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_arm.deb
      Size/MD5 checksum:   743880 e4acd222cbcd2b445104a1a3647cb177
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_arm.deb
      Size/MD5 checksum:  1441128 fb9d0a695992a182688cdedb357f564a
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_arm.deb
      Size/MD5 checksum:   151516 686852b27971731b433616500a40758a
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_arm.deb
      Size/MD5 checksum:   660510 fb8a5bffad8fffaeccde7119727c2ac5

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_i386.deb
      Size/MD5 checksum:   134974 9a562d9d0e760290d518c70fb43b1d03
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_i386.deb
      Size/MD5 checksum:   136230 189c3922b12e4edad0f4f295cf9ef20c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_i386.deb
      Size/MD5 checksum:   224910 ec8a78d370769c1c64be9f4469637db1
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_i386.deb
      Size/MD5 checksum:   131962 7f4440175d0bfabf3cbb9d0fbf1e77fe
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_i386.deb
      Size/MD5 checksum:  1349876 b16401fe0f1c0c5a0394434895d03bce
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_i386.deb
      Size/MD5 checksum:   758398 225bcd1dccde74c40d9cb481651eeb52
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_i386.deb
      Size/MD5 checksum:  1440060 a558caaed9f6b83b7308e3d7e7577db8
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_i386.deb
      Size/MD5 checksum:   151532 3beddf1ae51a2725f8bf1877da2a4dba
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_i386.deb
      Size/MD5 checksum:   622656 1c8f2def939b021de558de46e6b716ac

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_ia64.deb
      Size/MD5 checksum:   138634 64b224087992880a7f0a67b334fe135e
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_ia64.deb
      Size/MD5 checksum:   140474 6dd684c7a416f3d61b4410b1d595dafb
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_ia64.deb
      Size/MD5 checksum:   265676 9820368a516fae339f0944a19b643833
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_ia64.deb
      Size/MD5 checksum:   135826 4a7f21b331a3b72b2a5afe5d281ef47e
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_ia64.deb
      Size/MD5 checksum:  1704080 b88a562c3b95a1fe4c39b41f936020e9
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_ia64.deb
      Size/MD5 checksum:   998702 59784e3a7aa62bf754012b54b8666a53
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_ia64.deb
      Size/MD5 checksum:  1462992 82815c6dd500ea9048d48373c6df0fd5
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_ia64.deb
      Size/MD5 checksum:   152426 1edf23fe3ee94ed0779f9d17c6f6a45d
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_ia64.deb
      Size/MD5 checksum:   867604 a36fd72bf3830bb3ff8fbdf8958bfc94

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_hppa.deb
      Size/MD5 checksum:   136584 e73699a1e393cdc62240474957a64edc
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_hppa.deb
      Size/MD5 checksum:   138254 612dc4a3b954713ee5a976fdd80bfa46
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_hppa.deb
      Size/MD5 checksum:   246920 ea9227aa042a57c9564257fc4b62a5fb
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_hppa.deb
      Size/MD5 checksum:   133754 434e4204ccf113ff9be4c3173c06ff06
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_hppa.deb
      Size/MD5 checksum:  1501082 b48824cb69d09c776fa4256aa2b57280
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_hppa.deb
      Size/MD5 checksum:   840010 f6fc7ee7a7d01e3c3a68d90f8102afb4
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_hppa.deb
      Size/MD5 checksum:  1453678 d877e7fb7c7728993b842f6d03217759
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_hppa.deb
      Size/MD5 checksum:   152086 8f7c0cd93ed8929dec058b2e11ff1645
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_hppa.deb
      Size/MD5 checksum:   736084 22eb743d8899fccc9d820265a5e76e5a

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_m68k.deb
      Size/MD5 checksum:   134464 798af7f09557e268a4433d199666b333
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_m68k.deb
      Size/MD5 checksum:   135854 cad46d59bc0a0b56d3a4471ed631ca06
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_m68k.deb
      Size/MD5 checksum:   230828 33f456639bbf803958fd4850e565aa63
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_m68k.deb
      Size/MD5 checksum:   132144 172851ed73cdf8781c284d61fb41ec13
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_m68k.deb
      Size/MD5 checksum:  1332946 777e0a410960a5913e32cf420ddfc46d
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_m68k.deb
      Size/MD5 checksum:   730192 2d6c4b987120f0def85f9dd37b05bd1c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_m68k.deb
      Size/MD5 checksum:  1439628 eb8dd3c1c74d95d58286f32f6a4842e3
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_m68k.deb
      Size/MD5 checksum:   151472 7ff1674935d95c5791258a0e49551acb
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_m68k.deb
      Size/MD5 checksum:   553242 498fa7137cd27bfe7620cf0213374ff9

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_mips.deb
      Size/MD5 checksum:   134234 d657ed24d30b806aa7a12f47caa5e4a7
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_mips.deb
      Size/MD5 checksum:   135612 61542850bde3de58214669b7237164b1
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_mips.deb
      Size/MD5 checksum:   215544 d01de62331e23d10f93381e8843c762e
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_mips.deb
      Size/MD5 checksum:   131698 f39973c63a3bd368e0d65dd4b25374d6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_mips.deb
      Size/MD5 checksum:  1356152 64bf3bd8441ef587257d891bb2f729c7
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_mips.deb
      Size/MD5 checksum:   763910 3ad50b753b362dead5b474f0bbd368a3
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_mips.deb
      Size/MD5 checksum:  1435982 689bd249dd3c1202c2d04f2f33626a97
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_mips.deb
      Size/MD5 checksum:   152230 8b36c427af4e96a19e62cf3f686c5593
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_mips.deb
      Size/MD5 checksum:   684368 39ce72ac5f5d9d745bcf71ceb876a210

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_mipsel.deb
      Size/MD5 checksum:   134254 79d0e90d64559a1501af99132b0005ff
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_mipsel.deb
      Size/MD5 checksum:   135630 5271715069daca9838d48cb1ea49accd
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_mipsel.deb
      Size/MD5 checksum:   214754 ae4da5a0ee84d4c9c9709db2c2cad248
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_mipsel.deb
      Size/MD5 checksum:   131652 251d198e728430a49ff2329f81088456
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_mipsel.deb
      Size/MD5 checksum:  1357480 1041e000f2d8d3396aa5cf65a65bbedd
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_mipsel.deb
      Size/MD5 checksum:   756756 c57e993c474674c7ce3089373183969c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_mipsel.deb
      Size/MD5 checksum:  1436182 a9bb10ff23d231dbd7fab5720011ec04
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_mipsel.deb
      Size/MD5 checksum:   152224 abdac4a527eceb9a58476b0546a94991
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_mipsel.deb
      Size/MD5 checksum:   678050 72b5db16d8aa6c0db7e1f6cdf9be79a1

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_powerpc.deb
      Size/MD5 checksum:   136824 1d9a81582e6c6cc547e169e667764dd1
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_powerpc.deb
      Size/MD5 checksum:   137962 f3f2a9a88fa8ba3c5c0b9f19b306f65f
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_powerpc.deb
      Size/MD5 checksum:   225128 215bc28c59e3251f0e8c854595e62d83
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_powerpc.deb
      Size/MD5 checksum:   133864 6ab0ddb8daf572db17b93967e66ab9b3
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_powerpc.deb
      Size/MD5 checksum:  1406320 ca5f961b26176cc09d14048ec74620bb
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_powerpc.deb
      Size/MD5 checksum:   970362 572eca14b9e1c450ff04b63d1ccb3b60
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_powerpc.deb
      Size/MD5 checksum:  1444440 2f85e5980c7e6f8c739fd393cf40701f
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_powerpc.deb
      Size/MD5 checksum:   153378 4cd32ff52f2b3dcf7310de81ae9274d5
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_powerpc.deb
      Size/MD5 checksum:   621308 d23cb8ae442ea90399f1be4a72b442a3

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_s390.deb
      Size/MD5 checksum:   135864 9fc3a9279aab669468bfad78272210c6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_s390.deb
      Size/MD5 checksum:   137214 6dd7156cf52f298684bdeb708498b128
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_s390.deb
      Size/MD5 checksum:   239952 2667501f4051b98e4aea702235b67e39
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_s390.deb
      Size/MD5 checksum:   133186 b857fd038443aef31f24b1b01f69add2
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_s390.deb
      Size/MD5 checksum:  1430936 5edf502941f45ccdfe0788a8ac6541f6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_s390.deb
      Size/MD5 checksum:   907238 e030a50747a33697c6d014994aef1880
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_s390.deb
      Size/MD5 checksum:  1447266 6d94a1aca2c0af2d35498546f8295dd2
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_s390.deb
      Size/MD5 checksum:   151754 a0d0d7e1b6c84b2b016e237d93c3e661
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_s390.deb
      Size/MD5 checksum:   674872 9ae782c6490cb7850c6c5d2682913f74

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge4_sparc.deb
      Size/MD5 checksum:   134710 c4bb2481647668fa28a689a31b32ec31
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge4_sparc.deb
      Size/MD5 checksum:   135914 cad4055bf2961a3b485b7efdcf731c1b
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge4_sparc.deb
      Size/MD5 checksum:   229118 ff817082c3471dbfb99b521fbabead6e
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge4_sparc.deb
      Size/MD5 checksum:   132048 bb79fcefcfb42e1bfe795a179d4427cc
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge4_sparc.deb
      Size/MD5 checksum:  1373166 92368a140ed723edc6a815101629a80b
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge4_sparc.deb
      Size/MD5 checksum:   748322 2f5752f34fcdc9ef9671f9f426a3bdb5
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge4_sparc.deb
      Size/MD5 checksum:  1442042 909963575c3327811d103e0aa90dc7c3
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge4_sparc.deb
      Size/MD5 checksum:   151530 0ff292238fd5cb4aaff674f350e77317
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge4_sparc.deb
      Size/MD5 checksum:   646728 488c84bd4b6e2c1523f032c2a8009800


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE8fdaXm3vHE4uyloRAkynAKCQq2h7VEzQLJElpfOm8MTgGUhuJwCgxoFP
xzbrrMuuoX+dhiegwoupB0M=
=fGUS
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- 漏洞信息 (F49027)

Debian Linux Security Advisory 1139-1 (PacketStormID:F49027)
2006-08-17 00:00:00
Debian  debian.org
advisory,ruby
linux,debian
CVE-2006-3694
[点击下载]

Debian Security Advisory 1139-1 - It was discovered that the interpreter for the Ruby language does not properly maintain "safe levels" for aliasing, directory accesses and regular expressions, which might lead to a bypass of security restrictions.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1139-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
August 3rd, 2006                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : ruby1.6
Vulnerability  : missing privilege checks
Problem-Type   : local
Debian-specific: no
CVE ID         : CVE-2006-3694
Debian Bug     : 378029

It was discovered that the interpreter for the Ruby language does not
properly maintain "safe levels" for aliasing, directory accesses and
regular expressions, which might lead to a bypass of security
restrictions.

For the stable distribution (sarge) this problem has been fixed in
version 1.6.8-12sarge2.

The unstable distribution (sid) does no longer contain ruby1.6 packages.

We recommend that you upgrade your Ruby packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2.dsc
      Size/MD5 checksum:      995 b893a055e7855cb9ae612051537e5b08
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2.diff.gz
      Size/MD5 checksum:    78722 7e8d8da6029b1d7bcf6d3bcd1dfd77d9
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8.orig.tar.gz
      Size/MD5 checksum:  1022364 aa1e272added83a5206c565d62c9c8ed

  Architecture independent components:

    http://security.debian.org/pool/updates/main/r/ruby1.6/irb1.6_1.6.8-12sarge2_all.deb
      Size/MD5 checksum:   174792 e15cd6866bdecaed5c1f2e17aa1779bf
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-elisp_1.6.8-12sarge2_all.deb
      Size/MD5 checksum:   152608 b669d36794a6a42a87f22cbd0796c629
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-examples_1.6.8-12sarge2_all.deb
      Size/MD5 checksum:   160296 17cc4ec94e54b67a95992378017bd016

  Alpha architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   146476 a64744108bc2dc6c24aacb47140f7bde
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   144964 a1b292ef176cb6d560f81c4ddaad58a8
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   146474 f71f4d08633881fd95d1003f2d7d4d68
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   148532 69c859b9fe9ff7a5a9dab1d1d0587d5a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   144818 915995e1a993d6310686a1de6de3e6af
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   688332 c369e8923c9bd606afcd2bb4804cc4a3
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   726618 fbdaff5899920b60d2be455b0e872224
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   149034 20f34ce45a863650606bbe506e39687b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   144946 60d2ed1fd07820c3ede2823bf452a69e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   165450 bffcff99872d4f9ddbcdb0270e5873cf
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   178560 30e0906aa743ef033357fbc87de8e7a3
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   159210 db8cd0d1c9946fc875e7439a356b614f
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_alpha.deb
      Size/MD5 checksum:   700186 0a0bf8fc080e59fd82fd24f789932f12

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   145410 68a46fffea241b46851708df63df8aa5
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   144250 108f0f68ed1b23bfe4acd06bb555c004
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   145798 e2ea3305edbbea5b9d0d002f199330ca
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   147932 dfd5eb260174a1585b1abafb50af767f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   144202 d93aea25db81e801ffd4315aa130d22a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   642272 a9ff67a26e4fdb3c1f5ef15e097fc72f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   687986 763343f54576f6ac69eb4e89660f5023
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   147672 8124666debeb450167acf71022f7dc6f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   144466 1c4724abef30ef3a77dd820e9a2bd4d6
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   164714 221010f11e60577810cebbf7dfdaee2f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   178302 8b83a74fe1337d3324f106009fa0057a
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   158908 62ebd23e32a4b209f4cd9e4476b4e369
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_amd64.deb
      Size/MD5 checksum:   577330 f9ed55d8d69b6d8a1ec58f7f4d427c61

  ARM architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   144414 e66cc67edd3c819f7c7e26f2ab5b3652
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   143382 7981d1ded3136e4dd1a0b6f56b0e5cc4
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   144322 055614a1853bc8a1134c74b047291ff8
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   147230 4fef2a16441fa6f416f910d8752d8537
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   143416 82de20fba60340985fe3a673096f9896
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   616462 396af6f886357beb528ec0509d64995c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   658130 9e85cbac3c6b72320715252e7e504aaf
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   146480 af9f9cb32effd4b14de85b6cb8dea5a3
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   144042 80141f0e356a1751369587fff5744098
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   163904 d27a1eb0be8910b6afc972c5d27f2d2d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   178244 b815c2540a817b3963bae33ee834a5ac
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   158676 4e9143c70fa7993738e38b23d0e98b03
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_arm.deb
      Size/MD5 checksum:   582174 d2aea74927f3c5e9de067473211bcf1c

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   144790 22f4872c665523387c52cc3189b9e709
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   143976 46d8280ada795645790ec1492e304a5b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   145032 173b65c349e4a48e82915646e347b39a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   147360 9c153ab174ee028b889bdb72a8037ee6
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   143578 b5de349995e8aefc7c5734442b7687cc
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   616522 35629bce40208cc960acd9595bbf43a2
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   669622 a991b06fffe6136a3e23766eb365a47d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   147174 a96b78c88c70c318b5720795556376a7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   143904 bc5f8484ee56c7c0781a650530f7e9e3
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   164144 e18b39dd30049e083fb24c2262911720
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   178216 527e759e13067d75e296c9129fd33e53
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   158692 4070af28cdb5bc0cbf62b026f128c842
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_i386.deb
      Size/MD5 checksum:   552124 443f0dddba0e9d72c10828def2c69a7c

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   148260 60fbdf4848f0a17588a7427e5255b489
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   147134 dd8a8a77181a14a53058c578d4484e30
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   149152 23538475e186238bbdfbfac6be9121ad
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   150610 bf8ee24b78e8a03cac9e38d983ca69d5
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   146996 a4162e5ab15426db31161519c7b5e971
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   820610 0544f47fa87965977ef4cde00abf7730
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   874856 3fe352a499544e557703f7bcd42e1c97
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   154178 8b1e32d1612391c0c063c946dc62b509
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   146448 37a4f6f584b9a8ea37198b391340ca25
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   167642 dfe4554ed664a24bcf24bab01e2270a1
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   179258 baab04f21809e1ba0ec04d0b3748bbb6
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   159624 fe84152b011f963891c3c2b38108736e
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_ia64.deb
      Size/MD5 checksum:   762612 369bfab8754ea2a17edade8d15c551d3

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   146516 6fe0791c41712e5a0c6ed81e8b4a28d0
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   145446 d9208dd713356bde1f5aca55b3011682
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   146946 3a29965b5dc1a7d4958cd8410a9d58d6
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   148884 4c51d8bc9cc08cf193fee71d97fa4114
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   145062 8237161548b8ef590ccf0a657bc8d6b7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   702806 13e531f768ab90867ebdc6427db1fc31
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   741068 b2371688220efa9f65bc3c299a352c7a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   148854 89c1cda43293acaf23ea3f438653f600
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   145570 3f2979012848d2eef0750f2c99163b56
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   166280 44bd98b1f3dd6cefb4cc97ad8bfe1977
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   179010 0fc6be47f85756b7620b0471dd7e21d7
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   159276 54c2a682b08f43eba52e7e66ad0585dd
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_hppa.deb
      Size/MD5 checksum:   650918 9533b677f7eb39603858ec1d4c0e7ba7

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   144744 435bbec715f7f0bf6c3ad5d86b6e68f4
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   143420 6fcfbb5e1759d1cc99b275195022be7f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   144622 702cddc142976b6942c311243e078126
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   147552 3cb17aaefa06ae612f550765f8b5449c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   143672 590705367b5c2c90b35357af5c129d1b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   603104 861a1bcdbb0383efad60cb7a082e4f3d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   648258 fbaaacbf1ba2a4b86ac2e9dd11d03587
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   145878 828a5daf2b8531e67824dbddad292fa7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   144468 0c7f994fa041d44cc01cf6852cd1be72
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   164088 b9a4dda885865ec41037696f4b73b8bd
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   178218 70f0d1e659f9e77a9d9436c0a6bffffe
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   158634 e9200fdb05797f99549ea4f23e114596
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_m68k.deb
      Size/MD5 checksum:   493714 7e9ecc4cdca57fcef4c150b08d42b2a4

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   144446 f50a72e6d8d897b8e57fbfc0275f2fee
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   143352 388e8bd3ba5fdd46fd14c9f35c72e6cd
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   144540 d0e608df1c6780593fecc78e0ee7c3ca
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   147696 1644b56353b6573e639c8a32a7f2e22e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   143584 8ab7527e1b26354c3835708f855e18bd
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   626876 d97b4618cf74131804a7624a9db6b3c2
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   676210 a14fb0bc236c7544f31af0aa96420725
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   146896 d264c011dc7a80495df24ff874ef69c7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   143888 d581d09a3705a9d38a33217390b8dcf2
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   163548 9e165bf4cf487efcd8318375e2e1842c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   178310 dead0cab26db316a8a492b07c1db83b2
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   159450 51a206115dff5238e1bee28b8ff0690e
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_mips.deb
      Size/MD5 checksum:   604490 fdfd8e0c831353c24a002ba4588e1439

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   144410 9f1128f6e8b58d7a3a986e377e8ebd9e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   143330 ab1fb477f0594532f2cad1863b22bec7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   144530 931fcefa10ef41467c95fe87eb2fd48f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   147636 2d4d1efbb9c9077268ae58ddf3579966
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   143524 0185f774804cbf1cf2ff237761d9801c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   627148 87e9ea8e63f505e0e872bc11a5581421
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   670090 92568b9385df29550b533f991c5ec2b0
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   146928 e23744e97a49dbcbe288e2ed35f1b5ed
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   143874 6441d46cab00c46e3c597586d18ae78a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   163494 f5e794af0137f12d6c3b3e5e01185615
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   178310 52172a0a4962a8b51968401cb1988552
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   159432 883e26093e7c76afaf9346dce75cbcf3
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_mipsel.deb
      Size/MD5 checksum:   597798 8f034ff7ad15f2cb2ed0410d9bd618f8

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   146284 22e87289334eab518ae54be55f21667b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   145802 fee61e4787db3cf3cda9a89aed7e884e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   146824 dd7ba13c08e817b8255ff9924afae2c8
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   149476 f618a91e87a2585b041dbbfaf8f5466f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   145458 285fb94274a49cd9c2ca2cc1a643b019
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   651250 9b73a0eaa59e7323f8dfed24bec24b8f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   858268 7ad4d872128350cf750bf7a75c2f9ada
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   148826 e1f4ca592e0cf11e09b1041e3f3bd4ca
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   146056 66acc5b20acd5b0a1d0f3bb5535dd892
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   165652 44513768b308ac25b29fd8a73b9f57a4
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   180234 5ce4b9746308845cd38771cd831cbb32
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   160598 c15f85f76a74858e414f8df73774aa00
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_powerpc.deb
      Size/MD5 checksum:   554966 235a9230d1b152e9e7cc3ce307b8230b

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   145788 b75a3431704e72929576adadcf011946
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   144678 7e8c434073674a665ae7e2d71ed90140
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   146090 35e423222cbde1d41404f61d2781c762
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   148426 051b61878ab58f48dd5510a0754544dc
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   144642 a49bae873a80a915349672e5381d30bb
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   666202 73f055b872e4504664989649952654da
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   795202 4eed8c17e588be7e300d65b0f182533e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   148164 ac3bd1790643603d71c34ed9532113f1
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   144664 b50f4b70e8307e513e425d8308f7e525
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   165226 c680fac3cacac682fc4be628fd30c9af
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   178504 9e3331346955e9599ac91600757ec590
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   158940 b38c0c1968a6b12dc9a3ae9d3b147016
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_s390.deb
      Size/MD5 checksum:   596914 b6a7e7e26b10b5d58e1652aa19b83004

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   144528 1e1074eed305a2e2b0115fc118c7ca66
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   143558 12254ba9cf73e77c39042db54b47f977
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   144768 e909cff97b2344eeb9d9daed6d6419a3
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   147480 86ad30fe9e00fdfa2cf2223ace182932
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   143608 0ad621d4204e10a10955f60f7d2b3f3e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   632416 045e990ddaaa3864ca8319ab52933d7e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   662544 969a10da93b1aa7d6a87f1c230a9db3b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   146334 7484dbf7d3e770afc6a9cd555433e8ca
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   144376 25f4702aded0a18cbde8aee35a7365b3
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   164294 399576c63022b0b019b616c468aac9dc
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   178282 db754f454d81fdd43e69e22b38cb919f
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   158694 49c5f3c82393a5ce2e8b47ad16d1ca0a
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge2_sparc.deb
      Size/MD5 checksum:   574186 0342472bd526b725b31166e314b5d283


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFE0jOaXm3vHE4uyloRAuwlAJ4tWQ1u4g2DIiJMQAHevpFaM1YW0wCgym5t
d7yGldW9Nj4ftBHyrJ8dUtc=
=Zjvc
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F48777)

Mandriva Linux Security Advisory 2006.134 (PacketStormID:F48777)
2006-08-03 00:00:00
Mandriva  mandriva.com
advisory,ruby
linux,mandriva
CVE-2006-3694
[点击下载]

Mandriva Linux Security Advisory MDKSA-2006-134 - A number of flaws were discovered in the safe-level restrictions in the Ruby language. Because of these flaws, it would be possible for an attacker to create a carefully crafted malicious script that could allow them to bypass certain safe-level restrictions.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:134
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : ruby
 Date    : July 28, 2006
 Affected: 2006.0, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of flaws were discovered in the safe-level restrictions in
 the Ruby language.  Because of these flaws, it would be possible for
 an attacker to create a carefully crafted malicious script that could
 allow them to bypass certain safe-level restrictions.
 
 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 8eed80b6fcd6b41fc7c15d617732c97c  2006.0/RPMS/ruby-1.8.2-7.3.20060mdk.i586.rpm
 770370523d64d39b003943cd4363b55d  2006.0/RPMS/ruby-devel-1.8.2-7.3.20060mdk.i586.rpm
 737aad366fda8c8b75ca7b8739bc19bc  2006.0/RPMS/ruby-doc-1.8.2-7.3.20060mdk.i586.rpm
 949de9702c29ffa2519e3c9bd4866127  2006.0/RPMS/ruby-tk-1.8.2-7.3.20060mdk.i586.rpm
 37aaacc8b046ceb135833a201e229d95  2006.0/SRPMS/ruby-1.8.2-7.3.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 a84ffa78943e7e69c172a824a8804c65  x86_64/2006.0/RPMS/ruby-1.8.2-7.3.20060mdk.x86_64.rpm
 7e4e992fed64a245f8d4450b279f45e5  x86_64/2006.0/RPMS/ruby-devel-1.8.2-7.3.20060mdk.x86_64.rpm
 65a180f269c974a673beb9d35366de5e  x86_64/2006.0/RPMS/ruby-doc-1.8.2-7.3.20060mdk.x86_64.rpm
 db56c49363d539bb66d0ec9975b74c57  x86_64/2006.0/RPMS/ruby-tk-1.8.2-7.3.20060mdk.x86_64.rpm
 37aaacc8b046ceb135833a201e229d95  x86_64/2006.0/SRPMS/ruby-1.8.2-7.3.20060mdk.src.rpm

 Corporate 3.0:
 04ae53b4b5662872aba838c9fbd72466  corporate/3.0/RPMS/ruby-1.8.1-1.6.C30mdk.i586.rpm
 c1e94f6f01fca30ce36227b91e466f21  corporate/3.0/RPMS/ruby-devel-1.8.1-1.6.C30mdk.i586.rpm
 c5019548c2003c1da8a8aa95617c22f4  corporate/3.0/RPMS/ruby-doc-1.8.1-1.6.C30mdk.i586.rpm
 a7e171ffa0477f6da36bdf9707e163b4  corporate/3.0/RPMS/ruby-tk-1.8.1-1.6.C30mdk.i586.rpm
 fb9c099b9c479dbd284e2bcd8d07699f  corporate/3.0/SRPMS/ruby-1.8.1-1.6.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 20a7d42a40547b1bed6aac4900386537  x86_64/corporate/3.0/RPMS/ruby-1.8.1-1.6.C30mdk.x86_64.rpm
 ef6b2b513036f3f9b6f9e43bbdd83a50  x86_64/corporate/3.0/RPMS/ruby-devel-1.8.1-1.6.C30mdk.x86_64.rpm
 59a038e5c8928e6a81b57984f5260eca  x86_64/corporate/3.0/RPMS/ruby-doc-1.8.1-1.6.C30mdk.x86_64.rpm
 e613282d66e153526b1e6a23062c2e9e  x86_64/corporate/3.0/RPMS/ruby-tk-1.8.1-1.6.C30mdk.x86_64.rpm
 fb9c099b9c479dbd284e2bcd8d07699f  x86_64/corporate/3.0/SRPMS/ruby-1.8.1-1.6.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEykoomqjQ0CJFipgRAsaWAJ9mcBNpKEbsAJLL+2rf8taG4nRSOgCgxV/3
YO5uxqMIyBE6dno3W+gKNV0=
=xuDy
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F48761)

OpenPKG Security Advisory 2006.16 (PacketStormID:F48761)
2006-08-03 00:00:00
OpenPKG Foundation  openpkg.org
advisory,remote,vulnerability,ruby
CVE-2006-3694
[点击下载]

OpenPKG Security Advisory OpenPKG-SA-2006.016 - Multiple unspecified vulnerabilities in the Ruby programming language allow remote attackers to bypass "safe level" checks via unspecified vectors involving the "alias" function, directory operations and regular expressions.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory                            The OpenPKG Project
http://www.openpkg.org/security/                  http://www.openpkg.org
openpkg-security@openpkg.org                         openpkg@openpkg.org
OpenPKG-SA-2006.016                                          28-Jul-2006
________________________________________________________________________

Package:             ruby
Vulnerability:       unspecified
OpenPKG Specific:    no

Affected Releases:   Affected Packages:       Corrected Packages:
OpenPKG CURRENT      <= ruby-1.8.4-20051225   >= ruby-1.8.4-20060728
OpenPKG 2-STABLE     <= ruby-1.8.4-2.20060622 >= ruby-1.8.4-2.20060728
OpenPKG 2.5-RELEASE  <= ruby-1.8.3-2.5.0      >= ruby-1.8.3-2.5.1

Description:
  Multiple unspecified vulnerabilities in the Ruby [1] programming
  language allow remote attackers to bypass "safe level" checks via
  unspecified vectors involving the "alias" function, directory
  operations and regular expressions. The Common Vulnerabilities and
  Exposures (CVE) project assigned the id CVE-2006-3694 [2] to the
  problem.
________________________________________________________________________

References:
  [1] http://www.ruby-lang.org/
  [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694
________________________________________________________________________

For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG <openpkg@openpkg.org>" (ID 63C4CB9F) of the
OpenPKG project which you can retrieve from http://pgp.openpkg.org and
hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org
for details on how to verify the integrity of this advisory.
________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <openpkg@openpkg.org>

iD8DBQFEye69gHWT4GPEy58RAlmgAJ9P8zeezBNr1xP9386nwqOorWmqXQCg399h
4hF/HhtXEwInVpUubs57GcQ=
=Lq1J
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F48658)

Ubuntu Security Notice 325-1 (PacketStormID:F48658)
2006-07-28 00:00:00
Ubuntu  security.ubuntu.com
advisory
linux,ubuntu
CVE-2006-3694
[点击下载]

Ubuntu Security Notice USN-325-1 - ruby1.8 suffer from flaws where the alias function, certain directory operations, and regular expressions did not correctly implement safe levels. Depending on the application these flaws might allow attackers to bypass safe level restrictions and perform unintended operations.

=========================================================== 
Ubuntu Security Notice USN-325-1              July 27, 2006
ruby1.8 vulnerability
CVE-2006-3694
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
  libruby1.8                               1.8.1+1.8.2pre4-1ubuntu0.4
  ruby1.8                                  1.8.1+1.8.2pre4-1ubuntu0.4

Ubuntu 5.10:
  libruby1.8                               1.8.2-9ubuntu1.2
  ruby1.8                                  1.8.2-9ubuntu1.2

Ubuntu 6.06 LTS:
  libruby1.8                               1.8.4-1ubuntu1.1
  ruby1.8                                  1.8.4-1ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

The alias function, certain directory operations, and regular
expressions did not correctly implement safe levels. Depending on the
application these flaws might allow attackers to bypass safe level
restrictions and perform unintended operations.


Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4.diff.gz
      Size/MD5:    35943 8bc7f03873488b5ba411faa7704bfb5c
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4.dsc
      Size/MD5:     1408 147b649550be4fc13a0ade3efc592ea6
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4.orig.tar.gz
      Size/MD5:  3598517 1bf195093ed5279412f1047f70fafded

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   149384 77b47cd028bb50976b9952cf798cb44b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdrb-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   132148 a68132fb03500279404e95ab8be56e95
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/liberb-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   115970 1431edca2793e1582a71a0c331a3a086
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/librexml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   169158 f854687a927f84fa23f0750952318f16
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsoap-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   217756 62d040e30611cf6c5c20274a72bcec2c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtest-unit-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   134918 91571960ed6b2b173ffe1e42d86960fe
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libwebrick-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   140426 92a1686826fd8e7822a9784dd2278837
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libxmlrpc-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   129898 b753eb69448986f6beed19912d65ed51
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   216578 71ad64d4993083f7ed2d61a44b24e7b8
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   441172 f6942ad673d322091d0003d1f4d01666
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   125626 4b863f01da97d59a17bb081a44d0d221
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.1+1.8.2pre4-1ubuntu0.4_all.deb
      Size/MD5:   135164 a98ab744ecb448c4f4890c8f419ce9e7

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   153212 318a99a71b7f2816ee74f8a9c0776c39
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   125694 c7a8c55acf413b5a13d0444ec5365ec5
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   118328 69cefa376aecf9acb219d1b51441c42b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   152166 f6e7a2cccaed6c80d33f3b9612605e42
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   119880 231c330121a586d5e57396128cf277ca
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   113820 a322db798a82177cfd8224614384b571
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   214894 725e41420bce1d8a634735d7a8c2d840
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   117028 d95bae00a0492ff829ffd56c29e5aa57
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   116828 80859b8a447330a4247f00a077aa1ed9
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   115652 3831782509dffa6e6d00dbd76e24001b
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   759792 4ded6d8d16b326e9d798d910fef6427e
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   900660 b389c727684b350b70bc421ea442ef40
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   121678 f9fae3aa6b567f226aad9bc8f2782d17
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   114550 3d35118d7c844cf84d74ff1e215a7b36
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   114738 6a6a83d530475e6036a92b7bf9dcb7be
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   171916 b2932f4fed3865a478f3480cf83c220f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:  1142440 dc58ba0a87c66726f06dc86dada1a75e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   162208 318a331980ab5411a31d2f97e8a0466b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   130638 b043b32e198a42fe0f3a23af8a087b1d
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   627002 2faa92584919c134d22998f17ef22990
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_amd64.deb
      Size/MD5:   131596 0e6d77c3a62d96c39414682501acf011

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   151394 c70a186fcbb4590916ad21b5d32d15c9
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   123750 f07274a9245f7381a8ceb942fd4fa704
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   117744 a5f44f72dc88b4615aa927b66454c92f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   148498 2c9c3c931d8fd41916979a6e6c83867d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   118830 42bbe6ed123b7968c258eb0d7dfb0888
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   113368 543f90323e154b6b61633a93cb8af770
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   203126 5c95a901fe26e68375b597847494e212
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   116660 9dd5fa6a4b45f8173a07736a3df57709
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   116096 b86f9a26d46dd5f745e5dcf8b58796b5
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   114830 d115a9a74d4090b02560533fef28efb8
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   719462 78f8ab8852eb21aa55b344cba98b37bb
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   856146 dded4895faef88ffedff282ef04785ff
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   120822 dd4658ed771a89e23bcffad1671278eb
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   113468 e33b25111ec47d54c40ed61171dcdcd3
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   114186 9ab2220b99c8e28fc3652810473a6012
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   168152 bbeb0d3a822a1c13fdf6a7fd80421a3f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:  1142278 f7d741ae64ee1c4779a7651b5f4d070c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   159738 ff6fb15c596007dab9ce3e3a829342e4
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   128810 85b950e24d9bbdffdb3e58625ac8ab12
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   585648 9f0d38c02373a2a1e73860eb1dea66c8
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_i386.deb
      Size/MD5:   131348 74df1b965b3a7395c4b668528512b4d6

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   155826 cee096312cd0660edc11aea9e65988e4
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   126860 f61a07417c180808cfdf2437df54badc
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   119764 f560dbcbe232b888d46dd314b374b4d7
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   150656 81a8a3db0988a36d3f18f289979d4dab
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   120892 593146b6f1225aecb2051c812e18de7a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   115164 8ce25c3a7cdcc41b1539cb8ff6ba8af9
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   206268 19d5bcb2ca9e11aa5c80df8631f35ddf
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   118266 ddee5ce499e0b0f2b5d41454c460e76c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   118150 f23b2d5a8bdb44518c9deb4e0891d5bf
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   116744 ae03316aa5e6ee221cb88ee7a392bb5a
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   949578 af5c001e268c6c56f6e851efbb6d938f
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   910242 7751c33bbfea90411bb1306f4f73f261
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   122952 ef548a003530320c956c2cb5cc3a1a6a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   115780 8f222589a26c539917bff729ea073263
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   116248 1882924d5c9910be4d3d1b9a7fc9b378
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   170682 36530fe03a54b0f757e3da269241f989
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:  1142830 7d4f5e1e0ff40cd0769a485d163ca0b4
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   160092 fdbaddb296a242fb5691921046b1f07d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   131388 1390a8a0bce8086772c09a57c1579f31
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   598808 547170ac52fc89485b78db95fb3339c2
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.4_powerpc.deb
      Size/MD5:   133266 458879b4c3f6d98bd0130c29594227aa

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1.2.diff.gz
      Size/MD5:   894254 cc12946548b505582e2180b6bdc25272
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1.2.dsc
      Size/MD5:     1030 b31ffe06fdd83f015bec593ddf0813d1
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2.orig.tar.gz
      Size/MD5:  3623780 4bc5254bec262d18cf1ceef03aae8bdf

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.2-9ubuntu1.2_all.deb
      Size/MD5:   178886 c199af854b2a05ec017ccbf16fff1ebe
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.2-9ubuntu1.2_all.deb
      Size/MD5:   243922 0043a8395f0d8df328bf37147142a83f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.2-9ubuntu1.2_all.deb
      Size/MD5:   719050 6d650b181b81114c85de1b5d56116e79
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.2-9ubuntu1.2_all.deb
      Size/MD5:   154248 33bf53436c6435d8fa6cf1be9792d230
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.2-9ubuntu1.2_all.deb
      Size/MD5:   188948 3a9b3b17c066e2578b05afc7c296d4c6

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.2-9ubuntu1.2_amd64.deb
      Size/MD5:   141764 20128d001214d0feba8c675a78f2610b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.2-9ubuntu1.2_amd64.deb
      Size/MD5:   142982 563679325f268c3b9fb6fa38d7c83a1d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.2-9ubuntu1.2_amd64.deb
      Size/MD5:   244900 b0ace3064ef3259ef2886d4ccdb4fdd6
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.2-9ubuntu1.2_amd64.deb
      Size/MD5:   142392 0ac61b5012dfdab65725358d1c81b316
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.2-9ubuntu1.2_amd64.deb
      Size/MD5:  1005556 3c478e7cab8dfc5920444a576d7d8259
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.2-9ubuntu1.2_amd64.deb
      Size/MD5:  1448292 43dd94db74c06a878994c4ac8f948f4d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.2-9ubuntu1.2_amd64.deb
      Size/MD5:  1463164 b1c39dc32d86b4c46a28f287bae6fe6a
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.2-9ubuntu1.2_amd64.deb
      Size/MD5:   686824 b800a7a294ec3dbfa425516ff431b375
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1.2_amd64.deb
      Size/MD5:   161152 9ca3ffcee511c521d1a733762a10cc88

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.2-9ubuntu1.2_i386.deb
      Size/MD5:   141042 9fdfa1c234c2d6a5dd059197a697e1d0
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.2-9ubuntu1.2_i386.deb
      Size/MD5:   141592 90a1074f56bf44e69faf60b8132180cc
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.2-9ubuntu1.2_i386.deb
      Size/MD5:   230694 3f049a91ed9fbfa1332eceafd29c455e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.2-9ubuntu1.2_i386.deb
      Size/MD5:   141400 c902c074b0ceeaa79cefdd96fbfee7a9
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.2-9ubuntu1.2_i386.deb
      Size/MD5:   837402 c2d93b7c771254f757607e95f1c0f3ad
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.2-9ubuntu1.2_i386.deb
      Size/MD5:  1365572 884e1192749cc84df63de616f896f6e7
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.2-9ubuntu1.2_i386.deb
      Size/MD5:  1453078 5784f53e3192c0ee87aacad94cab7671
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.2-9ubuntu1.2_i386.deb
      Size/MD5:   632592 9c5600abc51f03c4c683f2985f8ac651
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1.2_i386.deb
      Size/MD5:   160970 c30bd96634994d67f74aaa086027482b

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.2-9ubuntu1.2_powerpc.deb
      Size/MD5:   143308 6dae2ef2b7b85a6768cf535a6a54d44d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.2-9ubuntu1.2_powerpc.deb
      Size/MD5:   143800 cac040139f548d3a4ccfbf722a9d0d25
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.2-9ubuntu1.2_powerpc.deb
      Size/MD5:   236146 5369801773348b054e2e70cfccd8b9c2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.2-9ubuntu1.2_powerpc.deb
      Size/MD5:   143514 58502efc8a5ff0dd09e0976b73678fb6
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.2-9ubuntu1.2_powerpc.deb
      Size/MD5:   995670 ab298667737974f0ad33e2350f7516b6
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.2-9ubuntu1.2_powerpc.deb
      Size/MD5:  1450932 d1e411b4f633c1800ca11bf32a3a676c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.2-9ubuntu1.2_powerpc.deb
      Size/MD5:  1462544 e376c7db83ba3ddf496c6a203d3bf370
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.2-9ubuntu1.2_powerpc.deb
      Size/MD5:   649772 0a3d04ed6917ab59e30e8bf4459d0abd
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1.2_powerpc.deb
      Size/MD5:   162892 278464805dda6bede0c2cd95471b7109

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.1.diff.gz
      Size/MD5:    34702 303adc72aff3bcacc7d61d4eeab84db3
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.1.dsc
      Size/MD5:     1031 cbf5c20eae178ae9fecbb8fb946d4f9e
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4.orig.tar.gz
      Size/MD5:  4308915 2994203e0815ea978965de34287c5ea2

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.4-1ubuntu1.1_all.deb
      Size/MD5:   206542 98084139044f8fdc262438d76999296d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.4-1ubuntu1.1_all.deb
      Size/MD5:   271408 6bcbc5ad1b716eb0544e50fd31d4868b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.4-1ubuntu1.1_all.deb
      Size/MD5:   756584 fa73f477428a1f07622b58cdb8c8684a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.4-1ubuntu1.1_all.deb
      Size/MD5:   181308 3766c6aea3123964b7d328268de9b0be
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.4-1ubuntu1.1_all.deb
      Size/MD5:   213562 a442acf3ac6c8470126a3fb7d8df71b8

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-1ubuntu1.1_amd64.deb
      Size/MD5:   168972 d1976e52894322ac1f8b266457b93418
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-1ubuntu1.1_amd64.deb
      Size/MD5:   170176 d475a684b9b6948c8239ee3e0c951d0b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-1ubuntu1.1_amd64.deb
      Size/MD5:   273622 d90ae0ccd4af8429269784d6b650c4ad
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-1ubuntu1.1_amd64.deb
      Size/MD5:   169606 b072ab3ac1766c64d039b32dbe6d7b3e
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-1ubuntu1.1_amd64.deb
      Size/MD5:  1041130 5a5251d20c12df84cce66e8ef4c2a1c8
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-1ubuntu1.1_amd64.deb
      Size/MD5:  1505950 3353284413f1f0f56f2f0455a1c925eb
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-1ubuntu1.1_amd64.deb
      Size/MD5:  1797610 5dfe44c01d05ef1967c044b4b52f377b
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-1ubuntu1.1_amd64.deb
      Size/MD5:   717180 171aa258d057bfe0c90327aa0bb855ec
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.1_amd64.deb
      Size/MD5:   188540 a29fe02de47d5923318b748ecab83be0

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-1ubuntu1.1_i386.deb
      Size/MD5:   168186 0cee92f2dc40ae02b9d889b42f0c30fb
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-1ubuntu1.1_i386.deb
      Size/MD5:   168732 1e5c28c097d5a22fe16168e42aeb0d4e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-1ubuntu1.1_i386.deb
      Size/MD5:   258056 3dea0e3bc55915c7ffeff6ec29fb192f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-1ubuntu1.1_i386.deb
      Size/MD5:   168590 69b295695e121006db7d900edfb1f76d
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-1ubuntu1.1_i386.deb
      Size/MD5:   870548 6206d32ae4e76d15d8ae51ba162c77e7
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-1ubuntu1.1_i386.deb
      Size/MD5:  1419778 6045dc03a6f16ea8c3da8e94829f828a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-1ubuntu1.1_i386.deb
      Size/MD5:  1789438 eccfbee428895a6dbee16d067c570517
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-1ubuntu1.1_i386.deb
      Size/MD5:   662090 e3a0775b7040a8678cb09e336bc1ffc4
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.1_i386.deb
      Size/MD5:   188314 52e9dc0c58ae7646d498fd9145636e25

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-1ubuntu1.1_powerpc.deb
      Size/MD5:   170434 f42c1e2cfa3b7ec5f4a9a9f8dcf9ac68
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-1ubuntu1.1_powerpc.deb
      Size/MD5:   170954 5f1b6083df76503e58d807b83998cbfc
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-1ubuntu1.1_powerpc.deb
      Size/MD5:   263994 0ac393b8835c0c512523d851afc761f5
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-1ubuntu1.1_powerpc.deb
      Size/MD5:   170712 c7d4fe3ee1177039ff61f08b03016fba
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-1ubuntu1.1_powerpc.deb
      Size/MD5:  1030766 4d216f7d43d956367142429c915ecda3
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-1ubuntu1.1_powerpc.deb
      Size/MD5:  1507764 4ee0928d4c93128799ca154a3e0429ac
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-1ubuntu1.1_powerpc.deb
      Size/MD5:  1797508 b5e910e40ba5433ef1ba78fa7a876ab6
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-1ubuntu1.1_powerpc.deb
      Size/MD5:   681152 e9f89b62748c676149156ec2d5e7e996
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.1_powerpc.deb
      Size/MD5:   190336 991a4391c9ef76de5c9994492a7fd0e2

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-1ubuntu1.1_sparc.deb
      Size/MD5:   168264 713a3ec5e5b15582957991419299e1fe
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-1ubuntu1.1_sparc.deb
      Size/MD5:   169088 0f93b7776c4d0787e860e3ba5d3988bf
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-1ubuntu1.1_sparc.deb
      Size/MD5:   266348 e072278c715097e00dba709f886fd2d7
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-1ubuntu1.1_sparc.deb
      Size/MD5:   168878 f1c13beb97f446e4d7371670b04e00e9
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-1ubuntu1.1_sparc.deb
      Size/MD5:   914636 dd05ba84869260ffa4369294cc4fe5bb
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-1ubuntu1.1_sparc.deb
      Size/MD5:  1461226 87227193a257e9720be60958daefc83e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-1ubuntu1.1_sparc.deb
      Size/MD5:  1793528 20daab4b4f23e46b4e2a1f97cc48f147
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-1ubuntu1.1_sparc.deb
      Size/MD5:   702906 1597c7f05c72ba0a160db78b59545a49
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.1_sparc.deb
      Size/MD5:   188572 eca0073b2678ce003dd084014e4223fb

    

- 漏洞信息

27144
Ruby alias Function Safe Level Security Bypass
Local Access Required, Remote / Network Access Other
Loss of Confidentiality
Exploit Unknown

- 漏洞描述

Ruby contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered due to an unspecified error in the handling of the "alias" functionality. No further details have been provided.

- 时间线

2006-07-11 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.8.5, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. This vulnerability has also been fixed in a snapshot version in the CVS repository.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Yukihiro Matsumoto Ruby Multiple SAFE Level Restriction Bypass Vulnerabilities
Design Error 18944
Yes No
2006-07-12 12:00:00 2006-10-16 08:59:00
The vendor reported these issues.

- 受影响的程序版本

Yukihiro Matsumoto Ruby 1.8.4
Yukihiro Matsumoto Ruby 1.8.3
Yukihiro Matsumoto Ruby 1.8.2 pre4
+ Gentoo Linux
Yukihiro Matsumoto Ruby 1.8.2 pre3
+ Gentoo Linux
Yukihiro Matsumoto Ruby 1.8.2 pre2
Yukihiro Matsumoto Ruby 1.8.2 pre1
Yukihiro Matsumoto Ruby 1.8.2
+ Red Hat Fedora Core4
+ Red Hat Fedora Core3
Yukihiro Matsumoto Ruby 1.8.1
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
Yukihiro Matsumoto Ruby 1.8
+ Red Hat Fedora Core3
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Yukihiro Matsumoto Ruby 1.6.8
Yukihiro Matsumoto Ruby 1.6.7
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Yukihiro Matsumoto Ruby 1.6
Ubuntu Ubuntu Linux 5.10 sparc
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 10
SuSE SUSE Linux Enterprise Desktop 10
SGI ProPack 3.0 SP6
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Open-Enterprise-Server 1
S.u.S.E. Office Server
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 1.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Openexchange Server
S.u.S.E. Linux Office Server
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server for S/390
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux Database Server 0
S.u.S.E. Linux Connectivity Server
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
OpenPKG OpenPKG 2.5
OpenPKG OpenPKG 2.4
OpenPKG OpenPKG 2.3
OpenPKG OpenPKG 2.2
OpenPKG OpenPKG 2.1
OpenPKG OpenPKG 2.0
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1

- 漏洞讨论

Ruby is prone to multiple vulnerabilities that let attackers bypass SAFE-level restrictions.

These issues allow attackers to bypass the expected SAFE-level restrictions, possibly allowing them to execute unauthorized script code in the context of affected applications. The specific impact of these issues depends on the implementation of scripts that use SAFE-level security checks.

- 漏洞利用

Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com

- 解决方案

The vendor has reported that these issues will be released in the upcoming Ruby version 1.8.5. A snapshot version that includes fixes is available from the vendor.

Please see the referenced advisories for more information.


Yukihiro Matsumoto Ruby 1.6

Yukihiro Matsumoto Ruby 1.8

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站