MDVSA-2012:024 -- Mandriva rubyID: oval:org.secpod.oval:def:302799 | Date: (C)2012-12-11 (M)2023-11-16 |
Class: PATCH | Family: unix |
A vulnerability has been found and corrected in ruby: Ruby before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service via crafted input to an application that maintains a hash table. The updated packages have been patched to correct this issue.
Platform: |
Mandriva Linux 2011.0 |
Mandriva Linux 2010.1 |