Novell Home

CVE-2012-4466

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-4466 at MITRE

Description

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)

Novell/SUSE information

Novell Bugzilla entry: 783525

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for x86
  • ruby >= 1.8.6.p369-0.14.1
 Builds
ZYPP Patch Nr: 8524
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for X86-64
SLE SDK 10 SP4 for x86
  • ruby >= 1.8.6.p369-0.14.1
  • ruby-devel >= 1.8.6.p369-0.14.1
  • ruby-doc-html >= 1.8.6.p369-0.14.1
  • ruby-doc-ri >= 1.8.6.p369-0.14.1
  • ruby-examples >= 1.8.6.p369-0.14.1
  • ruby-test-suite >= 1.8.6.p369-0.14.1
  • ruby-tk >= 1.8.6.p369-0.14.1
 Builds
ZYPP Patch Nr: 8524
SLE 11 SP2 DEBUGINFO
  • ruby-debuginfo >= 1.8.7.p357-0.9.9.1
  • ruby-debugsource >= 1.8.7.p357-0.9.9.1
 Builds
SAT Patch Nr: 7386
SUSE Linux Enterprise Software Development Kit 11 SP2
  • ruby-devel >= 1.8.7.p357-0.9.9.1
  • ruby-doc-html >= 1.8.7.p357-0.9.9.1
  • ruby-doc-ri >= 1.8.7.p357-0.9.9.1
  • ruby-examples >= 1.8.7.p357-0.9.9.1
  • ruby-test-suite >= 1.8.7.p357-0.9.9.1
  • ruby-tk >= 1.8.7.p357-0.9.9.1
 Builds
SAT Patch Nr: 7386
SUSE Linux Enterprise Desktop 11 SP2
  • ruby >= 1.8.7.p357-0.9.9.1
 Builds
SAT Patch Nr: 7386
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • ruby >= 1.8.7.p357-0.9.9.1
  • ruby-doc-html >= 1.8.7.p357-0.9.9.1
  • ruby-tk >= 1.8.7.p357-0.9.9.1
 Builds
SAT Patch Nr: 7386

© 2013 Novell