| ruby-devel-1.8.5-31.el5_9.i386
              [559 KiB] | Changelog
              by Vít Ondruch (2013-07-08): - Fix regression introduced by CVE-2013-4073
  https://bugs.ruby-lang.org/issues/8575
  * ruby-2.0.0-p255-Fix-SSL-client-connection-crash-for-SAN-marked-critical.patch
  - Related: rhbz#979297 | 
            | ruby-devel-1.8.5-31.el5_9.x86_64
              [567 KiB] | Changelog
              by Vít Ondruch (2013-07-08): - Fix regression introduced by CVE-2013-4073
  https://bugs.ruby-lang.org/issues/8575
  * ruby-2.0.0-p255-Fix-SSL-client-connection-crash-for-SAN-marked-critical.patch
  - Related: rhbz#979297 | 
            | ruby-devel-1.8.5-29.el5_9.x86_64
              [567 KiB] | Changelog
              by Vít Ondruch (2013-02-28): - Fix regression introduced by fix for entity expansion DOS vulnerability
  in REXML (https://bugs.ruby-lang.org/issues/7961)
  * ruby-2.0.0-add-missing-rexml-require.patch
- Related: rhbz#915377 | 
            | ruby-devel-1.8.5-29.el5_9.i386
              [558 KiB] | Changelog
              by Vít Ondruch (2013-02-28): - Fix regression introduced by fix for entity expansion DOS vulnerability
  in REXML (https://bugs.ruby-lang.org/issues/7961)
  * ruby-2.0.0-add-missing-rexml-require.patch
- Related: rhbz#915377 | 
            | ruby-devel-1.8.5-27.el5.x86_64
              [566 KiB] | Changelog
              by Vít Ondruch (2012-10-25): - unintentional file creation caused by inserting an illegal NUL character
  * ruby-1.8.6-CVE-2012-4522-io.c-pipe_open-command-name-should-not-contain-null-.patch
  - Related: rhbz#867750 | 
            | ruby-devel-1.8.5-27.el5.i386
              [558 KiB] | Changelog
              by Vít Ondruch (2012-10-25): - unintentional file creation caused by inserting an illegal NUL character
  * ruby-1.8.6-CVE-2012-4522-io.c-pipe_open-command-name-should-not-contain-null-.patch
  - Related: rhbz#867750 | 
            | ruby-devel-1.8.5-22.el5_7.1.x86_64
              [565 KiB] | Changelog
              by Vít Ondruch (2012-01-17): - Properly initialize the random number generator when forking new process
  * ruby-1.8.7-CVE-2011-3009.patch
  - Related: rhbz#768829 | 
            | ruby-devel-1.8.5-22.el5_7.1.i386
              [557 KiB] | Changelog
              by Vít Ondruch (2012-01-17): - Properly initialize the random number generator when forking new process
  * ruby-1.8.7-CVE-2011-3009.patch
  - Related: rhbz#768829 | 
            | ruby-devel-1.8.5-19.el5_6.1.i386
              [556 KiB] | Changelog
              by Vít Ondruch (2011-05-02): - Address CVE-2011-1004 "Symlink race condition by removing directory trees in
  fileutils module"
  * ruby-1.8.7-CVE-2011-1004.patch
- Address CVE-2011-1005 "Untrusted codes able to modify arbitrary strings"
  * ruby-1.8.7-CVE-2011-1005.patch
- Address CVE-2011-0188 "memory corruption in BigDecimal on 64bit platforms"
  * ruby-1.8.7-CVE-2011-0188.patch
- Address CVE-CVE-2010-0541 "Ruby WEBrick javascript injection flaw"
  * ruby-1.8.7-CVE-2010-0541.patch
- Address CVE-CVE-2009-4492 "ruby WEBrick log escape sequence"
  * ruby-1.8.6-CVE-2009-4492.patch
- Resolves: rhbz#709957 | 
            | ruby-devel-1.8.5-19.el5_6.1.x86_64
              [564 KiB] | Changelog
              by Vít Ondruch (2011-05-02): - Address CVE-2011-1004 "Symlink race condition by removing directory trees in
  fileutils module"
  * ruby-1.8.7-CVE-2011-1004.patch
- Address CVE-2011-1005 "Untrusted codes able to modify arbitrary strings"
  * ruby-1.8.7-CVE-2011-1005.patch
- Address CVE-2011-0188 "memory corruption in BigDecimal on 64bit platforms"
  * ruby-1.8.7-CVE-2011-0188.patch
- Address CVE-CVE-2010-0541 "Ruby WEBrick javascript injection flaw"
  * ruby-1.8.7-CVE-2010-0541.patch
- Address CVE-CVE-2009-4492 "ruby WEBrick log escape sequence"
  * ruby-1.8.6-CVE-2009-4492.patch
- Resolves: rhbz#709957 | 
            | ruby-devel-1.8.5-5.el5_3.7.i386
              [555 KiB] | Changelog
              by Akira TAGOH (2009-06-17): - security fixes. (#505087)
- CVE-2007-1558: APOP password disclosure vulnerability.
- CVE-2009-0642: Incorrect checks for validity of X.509 certificates.
- CVE-2009-1904: DoS vulnerability in BigDecimal. | 
            | ruby-devel-1.8.5-5.el5_3.7.x86_64
              [563 KiB] | Changelog
              by Akira TAGOH (2009-06-17): - security fixes. (#505087)
- CVE-2007-1558: APOP password disclosure vulnerability.
- CVE-2009-0642: Incorrect checks for validity of X.509 certificates.
- CVE-2009-1904: DoS vulnerability in BigDecimal. | 
            | ruby-devel-1.8.5-5.el5_2.6.x86_64
              [563 KiB] | Changelog
              by Akira TAGOH (2008-11-19): - security fix (#470262)
- CVE-2008-4310: real fix for CVE-2008-3656. original patch named as fix for
                 CVE-2008-3656 actually fixed different issue (CVE-2008-1145),
                 hence we are providing correct patch and renaming original
                 patch to refer to proper CVE. | 
            | ruby-devel-1.8.5-5.el5_2.6.i386
              [555 KiB] | Changelog
              by Akira TAGOH (2008-11-19): - security fix (#470262)
- CVE-2008-4310: real fix for CVE-2008-3656. original patch named as fix for
                 CVE-2008-3656 actually fixed different issue (CVE-2008-1145),
                 hence we are providing correct patch and renaming original
                 patch to refer to proper CVE. | 
            | ruby-devel-1.8.5-5.el5_2.5.x86_64
              [562 KiB] | Changelog
              by Akira TAGOH (2008-10-08): - Build with -fno-strict-aliasing. | 
            | ruby-devel-1.8.5-5.el5_2.5.i386
              [555 KiB] | Changelog
              by Akira TAGOH (2008-10-08): - Build with -fno-strict-aliasing. | 
            | ruby-devel-1.8.5-5.el5_2.3.i386
              [553 KiB] | Changelog
              by Akira TAGOH (2008-07-02): - CVE-2008-2376: Integer overflow in rb_ary_fill(). | 
            | ruby-devel-1.8.5-5.el5_2.3.x86_64
              [562 KiB] | Changelog
              by Akira TAGOH (2008-07-02): - CVE-2008-2376: Integer overflow in rb_ary_fill(). |