RubyFlow : The Ruby Community Blog

Home   Submit   Sign Up   Log In   leaders   Twitter   RSS Feed  
 

Heap Overflow in Floating Point Parsing (CVE-2013-4164). Fixed in 1.9.3-p484 and 2.0.0-p353.


There is an overflow in floating point number parsing in Ruby. This vulnerability has been assigned the CVE identifier CVE-2013-4164.

All users are recommended to upgrade to Ruby 1.9.3 patchlevel 484, ruby 2.0.0 patchlevel 353 or ruby 2.1.0 preview2.

Comments

Post a Comment

Comment abilities for non registered users are currently deactivated, pending time to add a proper CAPTCHA to solve the escalating spam problem. Sorry!