~ubuntu-security/ubuntu-cve-tracker/master


Viewing changes to retired/CVE-2014-4975

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

PublicDateAtUSN: 2014-07-17
Candidate: CVE-2014-4975
PublicDate: 2014-11-15
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
 http://www.openwall.com/lists/oss-security/2014/07/17
 https://usn.ubuntu.com/usn/usn-2397-1
Description:
 Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and
 earlier, and 2.x through 2.1.2, when using certain format string
 specifiers, allows context-dependent attackers to cause a denial of service
 (segmentation fault) via vectors that trigger a stack-based buffer
 overflow.
Ubuntu-Description:
Notes:
 mdeslaur> not likely to be exposed, and stack protector limits to DoS
Bugs:
 https://bugs.ruby-lang.org/issues/10019
Priority: low
Discovered-by: Will Wood
Assigned-to: mdeslaur

Patches_ruby1.8:
upstream_ruby1.8: needs-triage
lucid_ruby1.8: ignored (reached end-of-life)
precise_ruby1.8: not-affected (1.8.7.352-2ubuntu1.4)
trusty_ruby1.8: DNE
utopic_ruby1.8: DNE
vivid_ruby1.8: DNE
vivid/stable-phone-overlay_ruby1.8: DNE
vivid/ubuntu-core_ruby1.8: DNE
wily_ruby1.8: DNE
devel_ruby1.8: DNE

Patches_ruby1.9:
upstream_ruby1.9: needs-triage
lucid_ruby1.9: ignored (reached end-of-life)
precise_ruby1.9: DNE
trusty_ruby1.9: DNE
utopic_ruby1.9: DNE
vivid_ruby1.9: DNE
vivid/stable-phone-overlay_ruby1.9: DNE
vivid/ubuntu-core_ruby1.9: DNE
wily_ruby1.9: DNE
devel_ruby1.9: DNE

Tags_ruby1.9.1: stack-protector
Patches_ruby1.9.1:
upstream_ruby1.9.1: needs-triage
lucid_ruby1.9.1: ignored (reached end-of-life)
precise_ruby1.9.1: released (1.9.3.0-1ubuntu2.9)
trusty_ruby1.9.1: released (1.9.3.484-2ubuntu1.1)
utopic_ruby1.9.1: ignored (reached end-of-life)
vivid_ruby1.9.1: ignored (reached end-of-life)
vivid/stable-phone-overlay_ruby1.9.1: DNE
vivid/ubuntu-core_ruby1.9.1: DNE
wily_ruby1.9.1: DNE
devel_ruby1.9.1: DNE

Tags_ruby2.0: stack-protector
Patches_ruby2.0:
upstream_ruby2.0: needs-triage
lucid_ruby2.0: DNE
precise_ruby2.0: DNE
trusty_ruby2.0: released (2.0.0.484-1ubuntu2.1)
utopic_ruby2.0: released (2.0.0.484+really457-3ubuntu1.1)
vivid_ruby2.0: DNE
vivid/stable-phone-overlay_ruby2.0: DNE
vivid/ubuntu-core_ruby2.0: DNE
wily_ruby2.0: DNE
devel_ruby2.0: DNE

Tags_ruby2.1: stack-protector
Patches_ruby2.1:
 upstream: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778
upstream_ruby2.1: needs-triage
lucid_ruby2.1: DNE
precise_ruby2.1: DNE
trusty_ruby2.1: DNE
utopic_ruby2.1: released (2.1.2-2ubuntu1.1)
vivid_ruby2.1: released (2.1.2-2ubuntu2)
vivid/stable-phone-overlay_ruby2.1: DNE
vivid/ubuntu-core_ruby2.1: DNE
wily_ruby2.1: released (2.1.2-2ubuntu2)
devel_ruby2.1: released (2.1.2-2ubuntu2)
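
Review bot: upstream_ruby2.1 is still needs-triage even though the Patches_ruby2.1 entry directly above it records the upstream fix (svn revision 46778) and utopic through devel are marked released; the same stale needs-triage sits on upstream_ruby1.9.1 and upstream_ruby2.0, whose Ubuntu releases are also marked released while their Patches_ sections are empty. For a file under retired/, I would settle the upstream_* statuses and copy the patch reference into the ruby1.9.1 and ruby2.0 sections if the same revision was backported there. Separately, the oss-security entry under References points at the 2014/07/17 day index rather than a specific message, so it should be narrowed to the thread for this CVE, and Ubuntu-Description is empty.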