Ruby REXML Remote Denial Of Service Vulnerability

Bugtraq ID:	30802
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2008-3790
Remote:	Yes
Local:	No
Published:	Aug 23 2008 12:00AM
Updated:	Apr 16 2015 05:45PM
Credit:	Luka Treiber and Mitja Kolsek of ACROS Security
Vulnerable:	Yukihiro Matsumoto Ruby 1.9 -2 Yukihiro Matsumoto Ruby 1.9 -1 Yukihiro Matsumoto Ruby 1.9 Yukihiro Matsumoto Ruby 1.8.7 -p72 Yukihiro Matsumoto Ruby 1.8.7 -p71 Yukihiro Matsumoto Ruby 1.8.7 -p22 Yukihiro Matsumoto Ruby 1.8.7 -p21 Yukihiro Matsumoto Ruby 1.8.7 Yukihiro Matsumoto Ruby 1.8.6 -p287 Yukihiro Matsumoto Ruby 1.8.6 -p286 Yukihiro Matsumoto Ruby 1.8.6 -p230 Yukihiro Matsumoto Ruby 1.8.6 -p229 Yukihiro Matsumoto Ruby 1.8.6 -p114 Yukihiro Matsumoto Ruby 1.8.6 Yukihiro Matsumoto Ruby 1.8.5 -p231 Yukihiro Matsumoto Ruby 1.8.5 -p230 Yukihiro Matsumoto Ruby 1.8.5 -p2 Yukihiro Matsumoto Ruby 1.8.5 -p115 Yukihiro Matsumoto Ruby 1.8.5 Yukihiro Matsumoto Ruby 1.8.4 Yukihiro Matsumoto Ruby 1.8.3 Yukihiro Matsumoto Ruby 1.8.2 pre4 + Gentoo Linux Yukihiro Matsumoto Ruby 1.8.2 pre3 + Gentoo Linux Yukihiro Matsumoto Ruby 1.8.2 pre2 Yukihiro Matsumoto Ruby 1.8.2 pre1 Yukihiro Matsumoto Ruby 1.8.2 Yukihiro Matsumoto Ruby 1.8.1 Yukihiro Matsumoto Ruby 1.8 + Red Hat Fedora Core3 + Ubuntu Ubuntu Linux 5.0 4 powerpc + Ubuntu Ubuntu Linux 5.0 4 i386 + Ubuntu Ubuntu Linux 5.0 4 amd64 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Yukihiro Matsumoto Ruby 1.9.0-3 Yukihiro Matsumoto Ruby 1.9 Ubuntu Ubuntu Linux 8.10 sparc Ubuntu Ubuntu Linux 8.10 powerpc Ubuntu Ubuntu Linux 8.10 lpia Ubuntu Ubuntu Linux 8.10 i386 Ubuntu Ubuntu Linux 8.10 amd64 Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 lpia Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Slackware Linux 12.2 Slackware Linux 12.1 Slackware Linux 12.0 Slackware Linux 11.0 Slackware Linux -current RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Desktop 4.0 Red Hat Enterprise Linux Desktop 5 client Red Hat Enterprise Linux 5 Server Pardus Linux 2008 0 Pardus Linux 2007 0 Mandriva Linux Mandrake 2008.1 x86_64 Mandriva Linux Mandrake 2008.1 Mandriva Linux Mandrake 2008.0 x86_64 Mandriva Linux Mandrake 2008.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Gentoo Linux Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Apple Mac OS X Server 10.5.6 Apple Mac OS X Server 10.5.5 Apple Mac OS X Server 10.5.4 Apple Mac OS X Server 10.5.3 Apple Mac OS X Server 10.5.2 Apple Mac OS X Server 10.5.1 Apple Mac OS X Server 10.5 Apple Mac OS X 10.5.6 Apple Mac OS X 10.5.5 Apple Mac OS X 10.5.4 Apple Mac OS X 10.5.3 Apple Mac OS X 10.5.2 Apple Mac OS X 10.5.1 Apple Mac OS X 10.5
Not Vulnerable:	Apple Mac OS X Server 10.5.7 Apple Mac OS X 10.5.7

Ruby REXML Remote Denial Of Service Vulnerability

Ruby is prone to a remote denial-of-service vulnerability in its REXML module.

Successful exploits may allow remote attackers to cause denial-of-service conditions in applications that use the vulnerable module.

Versions up to and including Ruby 1.9.0-3 are vulnerable.

Ruby REXML Remote Denial Of Service Vulnerability

The following exploits are available:

• /data/vulnerabilities/exploits/30802.xml
• /data/vulnerabilities/exploits/30802.rb

Ruby REXML Remote Denial Of Service Vulnerability

Solution:
Updates are available. Please see the references for more information.


Ubuntu Ubuntu Linux 8.10 powerpc

• Ubuntu irb1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/irb1.9_1.9.0 .2-7ubuntu1.1_all.deb


• Ubuntu libdbm-ruby1.9_1.9.0.2-7ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libdbm-ruby1.9_1.9.0.2 -7ubuntu1.1_powerpc.deb


• Ubuntu libgdbm-ruby1.9_1.9.0.2-7ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libgdbm-ruby1.9_1.9.0. 2-7ubuntu1.1_powerpc.deb


• Ubuntu libopenssl-ruby1.9_1.9.0.2-7ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libopenssl-ruby1.9_1.9 .0.2-7ubuntu1.1_powerpc.deb


• Ubuntu libreadline-ruby1.9_1.9.0.2-7ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libreadline-ruby1.9_1. 9.0.2-7ubuntu1.1_powerpc.deb


• Ubuntu libruby1.9-dbg_1.9.0.2-7ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/libruby1.9-dbg_1.9.0.2-7ub untu1.1_powerpc.deb


• Ubuntu libruby1.9_1.9.0.2-7ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/libruby1.9_1.9.0.2-7ubuntu 1.1_powerpc.deb


• Ubuntu libtcltk-ruby1.9_1.9.0.2-7ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libtcltk-ruby1.9_1.9.0 .2-7ubuntu1.1_powerpc.deb


• Ubuntu rdoc1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/rdoc1.9_1.9. 0.2-7ubuntu1.1_all.deb


• Ubuntu ri1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ri1.9_1.9.0. 2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9-dev_1.9.0.2-7ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/ruby1.9-dev_1.9.0.2-7ubunt u1.1_powerpc.deb


• Ubuntu ruby1.9-elisp_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ruby1.9-elis p_1.9.0.2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9-examples_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ruby1.9-exam ples_1.9.0.2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9_1.9.0.2-7ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/ruby1.9_1.9.0.2-7ubuntu1.1 _powerpc.deb

Mandriva Linux Mandrake 2008.0 x86_64

• Mandriva ruby-1.8.6-5.3mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-devel-1.8.6-5.3mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-doc-1.8.6-5.3mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-tk-1.8.6-5.3mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/

Mandriva Linux Mandrake 2008.0

• Mandriva ruby-1.8.6-5.3mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-devel-1.8.6-5.3mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-doc-1.8.6-5.3mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-tk-1.8.6-5.3mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/

Apple Mac OS X Server 10.5

• Apple MacOSXServerUpdCombo10.5.7.dmg
  http://support.apple.com/downloads/DL829/MacOSXServerUpdCombo10.5.7.dm g

Debian Linux 4.0 amd64

• Debian irb1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/irb1.9_1.9.0+20 060609-1etch3_all.deb


• Debian libdbm-ruby1.8_1.8.5-4etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_ 1.8.5-4etch3_amd64.deb


• Debian libdbm-ruby1.9_1.9.0+20060609-1etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_ 1.9.0+20060609-1etch3_amd64.deb


• Debian libgdbm-ruby1.8_1.8.5-4etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8 _1.8.5-4etch3_amd64.deb


• Debian libgdbm-ruby1.9_1.9.0+20060609-1etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9 _1.9.0+20060609-1etch3_amd64.deb


• Debian libopenssl-ruby1.8_1.8.5-4etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby 1.8_1.8.5-4etch3_amd64.deb


• Debian libopenssl-ruby1.9_1.9.0+20060609-1etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby 1.9_1.9.0+20060609-1etch3_amd64.deb


• Debian libreadline-ruby1.8_1.8.5-4etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-rub y1.8_1.8.5-4etch3_amd64.deb


• Debian libreadline-ruby1.9_1.9.0+20060609-1etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-rub y1.9_1.9.0+20060609-1etch3_amd64.deb


• Debian libruby1.8_1.8.5-4etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8. 5-4etch3_amd64.deb


• Debian libruby1.9-dbg_1.9.0+20060609-1etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_ 1.9.0+20060609-1etch3_amd64.deb


• Debian libruby1.9_1.9.0+20060609-1etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9. 0+20060609-1etch3_amd64.deb


• Debian libtcltk-ruby1.8_1.8.5-4etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1. 8_1.8.5-4etch3_amd64.deb


• Debian libtcltk-ruby1.9_1.9.0+20060609-1etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1. 9_1.9.0+20060609-1etch3_amd64.deb


• Debian rdoc1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/rdoc1.9_1.9.0+2 0060609-1etch3_all.deb


• Debian ri1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ri1.9_1.9.0+200 60609-1etch3_all.deb


• Debian ruby1.8_1.8.5-4etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4 etch3_amd64.deb


• Debian ruby1.9-dev_1.9.0+20060609-1etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9 .0+20060609-1etch3_amd64.deb


• Debian ruby1.9-elisp_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-elisp_1 .9.0+20060609-1etch3_all.deb


• Debian ruby1.9-examples_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-example s_1.9.0+20060609-1etch3_all.deb


• Debian ruby1.9_1.9.0+20060609-1etch3_amd64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+2 0060609-1etch3_amd64.deb

Debian Linux 4.0 ia-32

• Debian irb1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/irb1.9_1.9.0+20 060609-1etch3_all.deb


• Debian libdbm-ruby1.8_1.8.5-4etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_ 1.8.5-4etch3_i386.deb


• Debian libdbm-ruby1.9_1.9.0+20060609-1etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_ 1.9.0+20060609-1etch3_i386.deb


• Debian libgdbm-ruby1.8_1.8.5-4etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8 _1.8.5-4etch3_i386.deb


• Debian libgdbm-ruby1.9_1.9.0+20060609-1etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9 _1.9.0+20060609-1etch3_i386.deb


• Debian libopenssl-ruby1.8_1.8.5-4etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby 1.8_1.8.5-4etch3_i386.deb


• Debian libopenssl-ruby1.9_1.9.0+20060609-1etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby 1.9_1.9.0+20060609-1etch3_i386.deb


• Debian libreadline-ruby1.8_1.8.5-4etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-rub y1.8_1.8.5-4etch3_i386.deb


• Debian libreadline-ruby1.9_1.9.0+20060609-1etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-rub y1.9_1.9.0+20060609-1etch3_i386.deb


• Debian libruby1.8_1.8.5-4etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8. 5-4etch3_i386.deb


• Debian libruby1.9-dbg_1.9.0+20060609-1etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_ 1.9.0+20060609-1etch3_i386.deb


• Debian libruby1.9_1.9.0+20060609-1etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9. 0+20060609-1etch3_i386.deb


• Debian libtcltk-ruby1.8_1.8.5-4etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1. 8_1.8.5-4etch3_i386.deb


• Debian libtcltk-ruby1.9_1.9.0+20060609-1etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1. 9_1.9.0+20060609-1etch3_i386.deb


• Debian rdoc1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/rdoc1.9_1.9.0+2 0060609-1etch3_all.deb


• Debian ri1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ri1.9_1.9.0+200 60609-1etch3_all.deb


• Debian ruby1.8_1.8.5-4etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4 etch3_i386.deb


• Debian ruby1.9-dev_1.9.0+20060609-1etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9 .0+20060609-1etch3_i386.deb


• Debian ruby1.9-elisp_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-elisp_1 .9.0+20060609-1etch3_all.deb


• Debian ruby1.9-examples_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-example s_1.9.0+20060609-1etch3_all.deb


• Debian ruby1.9_1.9.0+20060609-1etch3_i386.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+2 0060609-1etch3_i386.deb

Yukihiro Matsumoto Ruby 1.9

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Debian Linux 4.0 hppa

• Debian irb1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/irb1.9_1.9.0+20 060609-1etch3_all.deb


• Debian libdbm-ruby1.8_1.8.5-4etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_ 1.8.5-4etch3_hppa.deb


• Debian libdbm-ruby1.9_1.9.0+20060609-1etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_ 1.9.0+20060609-1etch3_hppa.deb


• Debian libgdbm-ruby1.8_1.8.5-4etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8 _1.8.5-4etch3_hppa.deb


• Debian libgdbm-ruby1.9_1.9.0+20060609-1etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9 _1.9.0+20060609-1etch3_hppa.deb


• Debian libopenssl-ruby1.8_1.8.5-4etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby 1.8_1.8.5-4etch3_hppa.deb


• Debian libopenssl-ruby1.9_1.9.0+20060609-1etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby 1.9_1.9.0+20060609-1etch3_hppa.deb


• Debian libreadline-ruby1.8_1.8.5-4etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-rub y1.8_1.8.5-4etch3_hppa.deb


• Debian libreadline-ruby1.9_1.9.0+20060609-1etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-rub y1.9_1.9.0+20060609-1etch3_hppa.deb


• Debian libruby1.8_1.8.5-4etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8. 5-4etch3_hppa.deb


• Debian libruby1.9-dbg_1.9.0+20060609-1etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_ 1.9.0+20060609-1etch3_hppa.deb


• Debian libruby1.9_1.9.0+20060609-1etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9. 0+20060609-1etch3_hppa.deb


• Debian libtcltk-ruby1.8_1.8.5-4etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1. 8_1.8.5-4etch3_hppa.deb


• Debian libtcltk-ruby1.9_1.9.0+20060609-1etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1. 9_1.9.0+20060609-1etch3_hppa.deb


• Debian rdoc1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/rdoc1.9_1.9.0+2 0060609-1etch3_all.deb


• Debian ri1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ri1.9_1.9.0+200 60609-1etch3_all.deb


• Debian ruby1.8_1.8.5-4etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4 etch3_hppa.deb


• Debian ruby1.9-dev_1.9.0+20060609-1etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9 .0+20060609-1etch3_hppa.deb


• Debian ruby1.9-elisp_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-elisp_1 .9.0+20060609-1etch3_all.deb


• Debian ruby1.9-examples_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-example s_1.9.0+20060609-1etch3_all.deb


• Debian ruby1.9_1.9.0+20060609-1etch3_hppa.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+2 0060609-1etch3_hppa.deb

Yukihiro Matsumoto Ruby 1.9.0-3

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Ubuntu Ubuntu Linux 8.10 sparc

• Ubuntu irb1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/irb1.9_1.9.0 .2-7ubuntu1.1_all.deb


• Ubuntu libdbm-ruby1.9_1.9.0.2-7ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libdbm-ruby1.9_1.9.0.2 -7ubuntu1.1_sparc.deb


• Ubuntu libgdbm-ruby1.9_1.9.0.2-7ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libgdbm-ruby1.9_1.9.0. 2-7ubuntu1.1_sparc.deb


• Ubuntu libopenssl-ruby1.9_1.9.0.2-7ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libopenssl-ruby1.9_1.9 .0.2-7ubuntu1.1_sparc.deb


• Ubuntu libreadline-ruby1.9_1.9.0.2-7ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libreadline-ruby1.9_1. 9.0.2-7ubuntu1.1_sparc.deb


• Ubuntu libruby1.9-dbg_1.9.0.2-7ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/libruby1.9-dbg_1.9.0.2-7ub untu1.1_sparc.deb


• Ubuntu libruby1.9_1.9.0.2-7ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/libruby1.9_1.9.0.2-7ubuntu 1.1_sparc.deb


• Ubuntu libtcltk-ruby1.9_1.9.0.2-7ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libtcltk-ruby1.9_1.9.0 .2-7ubuntu1.1_sparc.deb


• Ubuntu rdoc1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/rdoc1.9_1.9. 0.2-7ubuntu1.1_all.deb


• Ubuntu ri1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ri1.9_1.9.0. 2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9-dev_1.9.0.2-7ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/ruby1.9-dev_1.9.0.2-7ubunt u1.1_sparc.deb


• Ubuntu ruby1.9-elisp_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ruby1.9-elis p_1.9.0.2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9-examples_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ruby1.9-exam ples_1.9.0.2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9_1.9.0.2-7ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/ruby1.9_1.9.0.2-7ubuntu1.1 _sparc.deb

Debian Linux 4.0 mipsel

• Debian irb1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/irb1.9_1.9.0+20 060609-1etch3_all.deb


• Debian libdbm-ruby1.8_1.8.5-4etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_ 1.8.5-4etch3_mipsel.deb


• Debian libdbm-ruby1.9_1.9.0+20060609-1etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_ 1.9.0+20060609-1etch3_mipsel.deb


• Debian libgdbm-ruby1.8_1.8.5-4etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8 _1.8.5-4etch3_mipsel.deb


• Debian libgdbm-ruby1.9_1.9.0+20060609-1etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9 _1.9.0+20060609-1etch3_mipsel.deb


• Debian libopenssl-ruby1.8_1.8.5-4etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby 1.8_1.8.5-4etch3_mipsel.deb


• Debian libopenssl-ruby1.9_1.9.0+20060609-1etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby 1.9_1.9.0+20060609-1etch3_mipsel.deb


• Debian libreadline-ruby1.8_1.8.5-4etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-rub y1.8_1.8.5-4etch3_mipsel.deb


• Debian libreadline-ruby1.9_1.9.0+20060609-1etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-rub y1.9_1.9.0+20060609-1etch3_mipsel.deb


• Debian libruby1.8_1.8.5-4etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8. 5-4etch3_mipsel.deb


• Debian libruby1.9-dbg_1.9.0+20060609-1etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_ 1.9.0+20060609-1etch3_mipsel.deb


• Debian libruby1.9_1.9.0+20060609-1etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9. 0+20060609-1etch3_mipsel.deb


• Debian libtcltk-ruby1.8_1.8.5-4etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1. 8_1.8.5-4etch3_mipsel.deb


• Debian libtcltk-ruby1.9_1.9.0+20060609-1etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1. 9_1.9.0+20060609-1etch3_mipsel.deb


• Debian rdoc1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/rdoc1.9_1.9.0+2 0060609-1etch3_all.deb


• Debian ri1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ri1.9_1.9.0+200 60609-1etch3_all.deb


• Debian ruby1.8_1.8.5-4etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4 etch3_mipsel.deb


• Debian ruby1.9-dev_1.9.0+20060609-1etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9 .0+20060609-1etch3_mipsel.deb


• Debian ruby1.9-elisp_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-elisp_1 .9.0+20060609-1etch3_all.deb


• Debian ruby1.9-examples_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-example s_1.9.0+20060609-1etch3_all.deb


• Debian ruby1.9_1.9.0+20060609-1etch3_mipsel.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+2 0060609-1etch3_mipsel.deb

Ubuntu Ubuntu Linux 8.10 amd64

• Ubuntu irb1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/irb1.9_1.9.0 .2-7ubuntu1.1_all.deb


• Ubuntu libdbm-ruby1.9_1.9.0.2-7ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/libdbm-ruby1 .9_1.9.0.2-7ubuntu1.1_amd64.deb


• Ubuntu libgdbm-ruby1.9_1.9.0.2-7ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/libgdbm-ruby 1.9_1.9.0.2-7ubuntu1.1_amd64.deb


• Ubuntu libopenssl-ruby1.9_1.9.0.2-7ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/libopenssl-r uby1.9_1.9.0.2-7ubuntu1.1_amd64.deb


• Ubuntu libreadline-ruby1.9_1.9.0.2-7ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/libreadline- ruby1.9_1.9.0.2-7ubuntu1.1_amd64.deb


• Ubuntu libruby1.9-dbg_1.9.0.2-7ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.9/libruby1.9-dbg_1 .9.0.2-7ubuntu1.1_amd64.deb


• Ubuntu libruby1.9_1.9.0.2-7ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.9/libruby1.9_1.9.0 .2-7ubuntu1.1_amd64.deb


• Ubuntu libtcltk-ruby1.9_1.9.0.2-7ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/libtcltk-rub y1.9_1.9.0.2-7ubuntu1.1_amd64.deb


• Ubuntu rdoc1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/rdoc1.9_1.9. 0.2-7ubuntu1.1_all.deb


• Ubuntu ri1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ri1.9_1.9.0. 2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9-dev_1.9.0.2-7ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.9/ruby1.9-dev_1.9. 0.2-7ubuntu1.1_amd64.deb


• Ubuntu ruby1.9-elisp_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ruby1.9-elis p_1.9.0.2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9-examples_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ruby1.9-exam ples_1.9.0.2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9_1.9.0.2-7ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.9/ruby1.9_1.9.0.2- 7ubuntu1.1_amd64.deb

Debian Linux 4.0 ia-64

• Debian irb1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/irb1.9_1.9.0+20 060609-1etch3_all.deb


• Debian libdbm-ruby1.8_1.8.5-4etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_ 1.8.5-4etch3_ia64.deb


• Debian libdbm-ruby1.9_1.9.0+20060609-1etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_ 1.9.0+20060609-1etch3_ia64.deb


• Debian libgdbm-ruby1.8_1.8.5-4etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8 _1.8.5-4etch3_ia64.deb


• Debian libgdbm-ruby1.9_1.9.0+20060609-1etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9 _1.9.0+20060609-1etch3_ia64.deb


• Debian libopenssl-ruby1.8_1.8.5-4etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby 1.8_1.8.5-4etch3_ia64.deb


• Debian libopenssl-ruby1.9_1.9.0+20060609-1etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby 1.9_1.9.0+20060609-1etch3_ia64.deb


• Debian libreadline-ruby1.8_1.8.5-4etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-rub y1.8_1.8.5-4etch3_ia64.deb


• Debian libreadline-ruby1.9_1.9.0+20060609-1etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-rub y1.9_1.9.0+20060609-1etch3_ia64.deb


• Debian libruby1.8_1.8.5-4etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8. 5-4etch3_ia64.deb


• Debian libruby1.9-dbg_1.9.0+20060609-1etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_ 1.9.0+20060609-1etch3_ia64.deb


• Debian libruby1.9_1.9.0+20060609-1etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9. 0+20060609-1etch3_ia64.deb


• Debian libtcltk-ruby1.8_1.8.5-4etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1. 8_1.8.5-4etch3_ia64.deb


• Debian libtcltk-ruby1.9_1.9.0+20060609-1etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1. 9_1.9.0+20060609-1etch3_ia64.deb


• Debian rdoc1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/rdoc1.9_1.9.0+2 0060609-1etch3_all.deb


• Debian ri1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ri1.9_1.9.0+200 60609-1etch3_all.deb


• Debian ruby1.8_1.8.5-4etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4 etch3_ia64.deb


• Debian ruby1.9-dev_1.9.0+20060609-1etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9 .0+20060609-1etch3_ia64.deb


• Debian ruby1.9-elisp_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-elisp_1 .9.0+20060609-1etch3_all.deb


• Debian ruby1.9-examples_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-example s_1.9.0+20060609-1etch3_all.deb


• Debian ruby1.9_1.9.0+20060609-1etch3_ia64.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+2 0060609-1etch3_ia64.deb

Debian Linux 4.0 mips

• Debian irb1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/irb1.9_1.9.0+20 060609-1etch3_all.deb


• Debian libdbm-ruby1.8_1.8.5-4etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_ 1.8.5-4etch3_mips.deb


• Debian libdbm-ruby1.9_1.9.0+20060609-1etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_ 1.9.0+20060609-1etch3_mips.deb


• Debian libgdbm-ruby1.8_1.8.5-4etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8 _1.8.5-4etch3_mips.deb


• Debian libgdbm-ruby1.9_1.9.0+20060609-1etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9 _1.9.0+20060609-1etch3_mips.deb


• Debian libopenssl-ruby1.8_1.8.5-4etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby 1.8_1.8.5-4etch3_mips.deb


• Debian libopenssl-ruby1.9_1.9.0+20060609-1etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby 1.9_1.9.0+20060609-1etch3_mips.deb


• Debian libreadline-ruby1.8_1.8.5-4etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-rub y1.8_1.8.5-4etch3_mips.deb


• Debian libreadline-ruby1.9_1.9.0+20060609-1etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-rub y1.9_1.9.0+20060609-1etch3_mips.deb


• Debian libruby1.8_1.8.5-4etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8. 5-4etch3_mips.deb


• Debian libruby1.9-dbg_1.9.0+20060609-1etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_ 1.9.0+20060609-1etch3_mips.deb


• Debian libruby1.9_1.9.0+20060609-1etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9. 0+20060609-1etch3_mips.deb


• Debian libtcltk-ruby1.8_1.8.5-4etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1. 8_1.8.5-4etch3_mips.deb


• Debian libtcltk-ruby1.9_1.9.0+20060609-1etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1. 9_1.9.0+20060609-1etch3_mips.deb


• Debian rdoc1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/rdoc1.9_1.9.0+2 0060609-1etch3_all.deb


• Debian ri1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ri1.9_1.9.0+200 60609-1etch3_all.deb


• Debian ruby1.8_1.8.5-4etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4 etch3_mips.deb


• Debian ruby1.9-dev_1.9.0+20060609-1etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9 .0+20060609-1etch3_mips.deb


• Debian ruby1.9-elisp_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-elisp_1 .9.0+20060609-1etch3_all.deb


• Debian ruby1.9-examples_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-example s_1.9.0+20060609-1etch3_all.deb


• Debian ruby1.9_1.9.0+20060609-1etch3_mips.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+2 0060609-1etch3_mips.deb

Mandriva Linux Mandrake 2008.1 x86_64

• Mandriva ruby-1.8.6-9p114.2mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-devel-1.8.6-9p114.2mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-doc-1.8.6-9p114.2mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-tk-1.8.6-9p114.2mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/

Debian Linux 4.0 arm

• Debian irb1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/irb1.9_1.9.0+20 060609-1etch3_all.deb


• Debian rdoc1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/rdoc1.9_1.9.0+2 0060609-1etch3_all.deb


• Debian ri1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ri1.9_1.9.0+200 60609-1etch3_all.deb


• Debian ruby1.9-elisp_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-elisp_1 .9.0+20060609-1etch3_all.deb


• Debian ruby1.9-examples_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-example s_1.9.0+20060609-1etch3_all.deb

Mandriva Linux Mandrake 2008.1

• Mandriva ruby-1.8.6-9p114.2mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-devel-1.8.6-9p114.2mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-doc-1.8.6-9p114.2mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-tk-1.8.6-9p114.2mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/

Debian Linux 4.0 powerpc

• Debian irb1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/irb1.9_1.9.0+20 060609-1etch3_all.deb


• Debian libdbm-ruby1.8_1.8.5-4etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_ 1.8.5-4etch3_powerpc.deb


• Debian libdbm-ruby1.9_1.9.0+20060609-1etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_ 1.9.0+20060609-1etch3_powerpc.deb


• Debian libgdbm-ruby1.8_1.8.5-4etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8 _1.8.5-4etch3_powerpc.deb


• Debian libgdbm-ruby1.9_1.9.0+20060609-1etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9 _1.9.0+20060609-1etch3_powerpc.deb


• Debian libopenssl-ruby1.8_1.8.5-4etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby 1.8_1.8.5-4etch3_powerpc.deb


• Debian libopenssl-ruby1.9_1.9.0+20060609-1etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby 1.9_1.9.0+20060609-1etch3_powerpc.deb


• Debian libreadline-ruby1.8_1.8.5-4etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-rub y1.8_1.8.5-4etch3_powerpc.deb


• Debian libreadline-ruby1.9_1.9.0+20060609-1etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-rub y1.9_1.9.0+20060609-1etch3_powerpc.deb


• Debian libruby1.8_1.8.5-4etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8. 5-4etch3_powerpc.deb


• Debian libruby1.9-dbg_1.9.0+20060609-1etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_ 1.9.0+20060609-1etch3_powerpc.deb


• Debian libruby1.9_1.9.0+20060609-1etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9. 0+20060609-1etch3_powerpc.deb


• Debian libtcltk-ruby1.8_1.8.5-4etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1. 8_1.8.5-4etch3_powerpc.deb


• Debian libtcltk-ruby1.9_1.9.0+20060609-1etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1. 9_1.9.0+20060609-1etch3_powerpc.deb


• Debian rdoc1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/rdoc1.9_1.9.0+2 0060609-1etch3_all.deb


• Debian ri1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ri1.9_1.9.0+200 60609-1etch3_all.deb


• Debian ruby1.8_1.8.5-4etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4 etch3_powerpc.deb


• Debian ruby1.9-dev_1.9.0+20060609-1etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9 .0+20060609-1etch3_powerpc.deb


• Debian ruby1.9-elisp_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-elisp_1 .9.0+20060609-1etch3_all.deb


• Debian ruby1.9-examples_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-example s_1.9.0+20060609-1etch3_all.deb


• Debian ruby1.9_1.9.0+20060609-1etch3_powerpc.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+2 0060609-1etch3_powerpc.deb

Ubuntu Ubuntu Linux 8.10 i386

• Ubuntu irb1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/irb1.9_1.9.0 .2-7ubuntu1.1_all.deb


• Ubuntu libdbm-ruby1.9_1.9.0.2-7ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/libdbm-ruby1 .9_1.9.0.2-7ubuntu1.1_i386.deb


• Ubuntu libgdbm-ruby1.9_1.9.0.2-7ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/libgdbm-ruby 1.9_1.9.0.2-7ubuntu1.1_i386.deb


• Ubuntu libopenssl-ruby1.9_1.9.0.2-7ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/libopenssl-r uby1.9_1.9.0.2-7ubuntu1.1_i386.deb


• Ubuntu libreadline-ruby1.9_1.9.0.2-7ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/libreadline- ruby1.9_1.9.0.2-7ubuntu1.1_i386.deb


• Ubuntu libruby1.9-dbg_1.9.0.2-7ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.9/libruby1.9-dbg_1 .9.0.2-7ubuntu1.1_i386.deb


• Ubuntu libruby1.9_1.9.0.2-7ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.9/libruby1.9_1.9.0 .2-7ubuntu1.1_i386.deb


• Ubuntu libtcltk-ruby1.9_1.9.0.2-7ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/libtcltk-rub y1.9_1.9.0.2-7ubuntu1.1_i386.deb


• Ubuntu rdoc1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/rdoc1.9_1.9. 0.2-7ubuntu1.1_all.deb


• Ubuntu ri1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ri1.9_1.9.0. 2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9-dev_1.9.0.2-7ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.9/ruby1.9-dev_1.9. 0.2-7ubuntu1.1_i386.deb


• Ubuntu ruby1.9-elisp_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ruby1.9-elis p_1.9.0.2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9-examples_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ruby1.9-exam ples_1.9.0.2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9_1.9.0.2-7ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.9/ruby1.9_1.9.0.2- 7ubuntu1.1_i386.deb

Debian Linux 4.0 m68k

• Debian irb1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/irb1.9_1.9.0+20 060609-1etch3_all.deb


• Debian rdoc1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/rdoc1.9_1.9.0+2 0060609-1etch3_all.deb


• Debian ri1.9_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ri1.9_1.9.0+200 60609-1etch3_all.deb


• Debian ruby1.9-elisp_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-elisp_1 .9.0+20060609-1etch3_all.deb


• Debian ruby1.9-examples_1.9.0+20060609-1etch3_all.deb
  http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-example s_1.9.0+20060609-1etch3_all.deb

Ubuntu Ubuntu Linux 8.10 lpia

• Ubuntu irb1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/irb1.9_1.9.0 .2-7ubuntu1.1_all.deb


• Ubuntu libdbm-ruby1.9_1.9.0.2-7ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libdbm-ruby1.9_1.9.0.2 -7ubuntu1.1_lpia.deb


• Ubuntu libgdbm-ruby1.9_1.9.0.2-7ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libgdbm-ruby1.9_1.9.0. 2-7ubuntu1.1_lpia.deb


• Ubuntu libopenssl-ruby1.9_1.9.0.2-7ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libopenssl-ruby1.9_1.9 .0.2-7ubuntu1.1_lpia.deb


• Ubuntu libreadline-ruby1.9_1.9.0.2-7ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libreadline-ruby1.9_1. 9.0.2-7ubuntu1.1_lpia.deb


• Ubuntu libruby1.9-dbg_1.9.0.2-7ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/libruby1.9-dbg_1.9.0.2-7ub untu1.1_lpia.deb


• Ubuntu libruby1.9_1.9.0.2-7ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/libruby1.9_1.9.0.2-7ubuntu 1.1_lpia.deb


• Ubuntu libtcltk-ruby1.9_1.9.0.2-7ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/universe/r/ruby1.9/libtcltk-ruby1.9_1.9.0 .2-7ubuntu1.1_lpia.deb


• Ubuntu rdoc1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/rdoc1.9_1.9. 0.2-7ubuntu1.1_all.deb


• Ubuntu ri1.9_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ri1.9_1.9.0. 2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9-dev_1.9.0.2-7ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/ruby1.9-dev_1.9.0.2-7ubunt u1.1_lpia.deb


• Ubuntu ruby1.9-elisp_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ruby1.9-elis p_1.9.0.2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9-examples_1.9.0.2-7ubuntu1.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.9/ruby1.9-exam ples_1.9.0.2-7ubuntu1.1_all.deb


• Ubuntu ruby1.9_1.9.0.2-7ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/main/r/ruby1.9/ruby1.9_1.9.0.2-7ubuntu1.1 _lpia.deb

Yukihiro Matsumoto Ruby 1.8

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.2 pre2

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.2 pre1

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.2 pre4

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.2 pre3

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.3

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.4

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.5 -p230

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.5 -p115

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.5

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.5 -p2

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.5 -p231

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.6

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.6 -p230

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.6 -p287

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.6 -p114

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.6 -p229

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.7

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.7 -p22

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.7 -p21

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.7 -p71

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.8.7 -p72

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.9

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.9 -2

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Yukihiro Matsumoto Ruby 1.9 -1

• Yukihiro Matsumoto rexml-expansion-fix.rb
  http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

Apple Mac OS X 10.5.1

• Apple MacOSXUpdCombo10.5.7.dmg
  http://support.apple.com/downloads/DL827/MacOSXUpdCombo10.5.7.dmg

Apple Mac OS X Server 10.5.1

• Apple MacOSXServerUpdCombo10.5.7.dmg
  http://support.apple.com/downloads/DL829/MacOSXServerUpdCombo10.5.7.dm g

Apple Mac OS X 10.5.2

• Apple MacOSXUpdCombo10.5.7.dmg
  http://support.apple.com/downloads/DL827/MacOSXUpdCombo10.5.7.dmg

Apple Mac OS X 10.5.3

• Apple MacOSXUpdCombo10.5.7.dmg
  http://support.apple.com/downloads/DL827/MacOSXUpdCombo10.5.7.dmg

Apple Mac OS X Server 10.5.3

• Apple MacOSXServerUpdCombo10.5.7.dmg
  http://support.apple.com/downloads/DL829/MacOSXServerUpdCombo10.5.7.dm g

Apple Mac OS X 10.5.4

• Apple MacOSXUpdCombo10.5.7.dmg
  http://support.apple.com/downloads/DL827/MacOSXUpdCombo10.5.7.dmg

Apple Mac OS X Server 10.5.4

• Apple MacOSXServerUpdCombo10.5.7.dmg
  http://support.apple.com/downloads/DL829/MacOSXServerUpdCombo10.5.7.dm g

Apple Mac OS X Server 10.5.5

• Apple MacOSXServerUpdCombo10.5.7.dmg
  http://support.apple.com/downloads/DL829/MacOSXServerUpdCombo10.5.7.dm g

Apple Mac OS X 10.5.6

• Apple MacOSXUpd10.5.7.dmg
  http://support.apple.com/downloads/DL826/MacOSXUpd10.5.7.dmg

Apple Mac OS X Server 10.5.6

• Apple MacOSXServerUpd10.5.7.dmg
  http://support.apple.com/downloads/DL828/MacOSXServerUpd10.5.7.dmg

MandrakeSoft Corporate Server 3.0

• Mandriva ruby-1.8.1-1.11.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-devel-1.8.1-1.11.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-doc-1.8.1-1.11.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-tk-1.8.1-1.11.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/

MandrakeSoft Corporate Server 3.0 x86_64

• Mandriva ruby-1.8.1-1.11.C30mdk.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-devel-1.8.1-1.11.C30mdk.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-doc-1.8.1-1.11.C30mdk.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva ruby-tk-1.8.1-1.11.C30mdk.x86_64.rpm
  http://www.mandriva.com/en/download/

Ruby REXML Remote Denial Of Service Vulnerability

References:

• DoS Vulnerabilities in REXML (Ruby on Rails)
  
• Ruby Homepage (Ruby)
  
• DoS vulnerability in REXML (Ruby)