Mandriva Linux Security Advisory : ruby (MDVSA-2012:024)
High Nessus Plugin ID 58163
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in ruby :
Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table (CVE-2011-4815).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.