{ "schema_version": "1.7.0", "id": "RHSA-2011:0909", "related": [], "upstream": [ "CVE-2009-4492", "CVE-2010-0541", "CVE-2011-0188", "CVE-2011-1004", "CVE-2011-1005" ], "published": "2024-09-15T19:10:09Z", "modified": "2026-05-09T10:01:27Z", "summary": "Red Hat Security Advisory: ruby security update", "affected": [ { "package": { "name": "ruby", "ecosystem": "Red Hat:enterprise_linux:5::server", "purl": "pkg:rpm/redhat/ruby" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.8.5-19.el5_6.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "ruby-debuginfo", "ecosystem": "Red Hat:enterprise_linux:5::server", "purl": "pkg:rpm/redhat/ruby-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.8.5-19.el5_6.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "ruby-devel", "ecosystem": "Red Hat:enterprise_linux:5::server", "purl": "pkg:rpm/redhat/ruby-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.8.5-19.el5_6.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "ruby-docs", "ecosystem": "Red Hat:enterprise_linux:5::server", "purl": "pkg:rpm/redhat/ruby-docs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.8.5-19.el5_6.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "ruby-irb", "ecosystem": "Red Hat:enterprise_linux:5::server", "purl": "pkg:rpm/redhat/ruby-irb" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.8.5-19.el5_6.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "ruby-libs", "ecosystem": "Red Hat:enterprise_linux:5::server", "purl": "pkg:rpm/redhat/ruby-libs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.8.5-19.el5_6.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "ruby-mode", "ecosystem": "Red Hat:enterprise_linux:5::server", "purl": "pkg:rpm/redhat/ruby-mode" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.8.5-19.el5_6.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "ruby-rdoc", "ecosystem": "Red Hat:enterprise_linux:5::server", "purl": "pkg:rpm/redhat/ruby-rdoc" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.8.5-19.el5_6.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "ruby-ri", "ecosystem": "Red Hat:enterprise_linux:5::server", "purl": "pkg:rpm/redhat/ruby-ri" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.8.5-19.el5_6.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "ruby-tcltk", "ecosystem": "Red Hat:enterprise_linux:5::server", "purl": "pkg:rpm/redhat/ruby-tcltk" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.8.5-19.el5_6.1" } ], "type": "ECOSYSTEM" } ] } ], "references": [ { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2011:0909" }, { "type": "ARTICLE", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "type": "ARTICLE", "url": "http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/" }, { "type": "ARTICLE", "url": "http://www.ruby-lang.org/en/news/2011/02/18/exception-methods-can-bypass-safe/" }, { "type": "ARTICLE", "url": "http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/" }, { "type": "ARTICLE", "url": "http://www.ruby-lang.org/en/news/2010/08/16/xss-in-webrick-cve-2010-0541/" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554485" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=587731" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678913" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678920" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=682332" }, { "type": "ADVISORY", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0909.json" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2009-4492" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2009-4492" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4492" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2010-0541" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2010-0541" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0541" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2011-0188" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0188" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0188" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2011-1004" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1004" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1004" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2011-1005" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1005" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1005" } ] }