* SECURITY UPDATE: certificate spoofing via invalid return value check
in OCSP_basic_verify
- debian/patches/904_security_CVE-2009-0642.dpatch: also check for -1
return code in ext/openssl/ossl_ocsp.c.
- CVE-2009-0642
* SECURITY UPDATE: denial of service in BigDecimal library via string
argument that represents a large number (LP: #385436)
- debian/patches/905_security_CVE-2009-1904.dpatch: handle large
numbers properly in ext/bigdecimal/bigdecimal.c.
- CVE-2009-1904
This bug was fixed in the package ruby1.8 - 1.8.6.111- 2ubuntu1. 3
--------------- 111-2ubuntu1. 3) hardy-security; urgency=low
ruby1.8 (1.8.6.
* SECURITY UPDATE: certificate spoofing via invalid return value check patches/ 904_security_ CVE-2009- 0642.dpatch: also check for -1 ossl_ocsp. c. patches/ 905_security_ CVE-2009- 1904.dpatch: handle large bigdecimal. c.
in OCSP_basic_verify
- debian/
return code in ext/openssl/
- CVE-2009-0642
* SECURITY UPDATE: denial of service in BigDecimal library via string
argument that represents a large number (LP: #385436)
- debian/
numbers properly in ext/bigdecimal/
- CVE-2009-1904
-- Marc Deslauriers <email address hidden> Wed, 15 Jul 2009 13:06:03 -0400