Ruby 1.9.1 Update With Fix for Heap Overflow
There is a heap overflow vulnerability in String#ljust, String#center and String#rjust. This has allowed an attacker to run arbitrary code in some rare cases.
The bug is in
rb_str_justify, more details about the bug are available. The vulnerability only exists on 1.9.1.
1.9.1-p376 also brings many bug fixes for other problems, details from the 1.9.1-p376 release notes:
* Irb extension commands had been broken. It was fixed.
* Ripper had not been able to parse some Ruby codes. It was fixed.
* Fixed build failures on AIX.
* Some bug fixes of Matrix.
* Can load gems which is installed in an user's home directory.
* Some method became returning a string with a correct encoding.
Meanwhile, work on Ruby 1.9.2 is progressing (Changelog for the Ruby 1.9 trunk (Caution: large file)). Ruby 1.9.2 was delayed earlier this year to make sure it actually complies with RubySpec tests.
a good news for Ruby 1.9.1
Uwe Zdun, Rafael Capilla, Huy Tran, Olaf Zimmermann Mar 09, 2014
Olav Maassen, Liz Keogh & Chris Matts Mar 08, 2014