Multiple vulnerabilities have been discovered in the Ruby interpreter and some of the libraries included in the Ruby installation. It's recommended that you upgrade to the latest version of Ruby immediately.
Among the vulnerabilities are the ability to modify several important variables when the $SAFE level is elevated, and a denial-of-service vulnerability in WEBrick. While these may not lead directly to system compromise, this is still a serious situation.
All Ruby 1.8.7 versions older than 1.8.7-p72 and all 1.8.6 versions older than 1.8.6-p287 are vulnerable. Please upgrade immediately.
Official Announcement

