development/languages

ruby-tcltk - Tcl/Tk interface for scripting language Ruby

Website: http://www.ruby-lang.org/
License: (Ruby or GPLv2) and TCL
Vendor: Scientific Linux
Description:
Tcl/Tk interface for the object-oriented scripting language Ruby.

Packages

ruby-tcltk-1.8.7.374-3.el6_6.x86_64 [1.6 MiB] Changelog by Vít Ondruch (2014-11-16):
- Fix REXML billion laughs attack via parameter entity expansion
  (CVE-2014-8080).
  Resolves: rhbz#1163993
- REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090).
  Resolves: rhbz#1163993
ruby-tcltk-1.8.7.352-13.el6.x86_64 [1.6 MiB] Changelog by Vít Ondruch (2013-11-22):
- Workaround build issues against OpenSSL with enabled ECC curves.
- Make DRb compatible with OpenSSL 1.0.1.
  * ruby-1.9.3-p222-generate-1024-bits-RSA-key-instead-of-512-bits.patch
- Fix CVE-2013-4164 Heap Overflow in Floating Point Parsing
  * ruby-1.9.3-p484-CVE-2013-4164-ignore-too-long-fraction-part-which-does-not-affect-the-result.patch
  - Resolves: rhbz#1033500
ruby-tcltk-1.8.7.352-12.el6_4.x86_64 [1.6 MiB] Changelog by Vít Ondruch (2013-07-08):
- Fix regression introduced by CVE-2013-4073
  https://bugs.ruby-lang.org/issues/8575
  * ruby-2.0.0-p255-Fix-SSL-client-connection-crash-for-SAN-marked-critical.patch
  - Related: rhbz#979300
ruby-tcltk-1.8.7.352-10.el6_4.x86_64 [1.6 MiB] Changelog by Vít Ondruch (2013-03-01):
- $SAFE escaping vulnerability about Exception#to_s / NameError#to_s
  * ruby-1.8.7-p371-CVE-2012-4481.patch
  - Related: rhbz#915379
ruby-tcltk-1.8.7.352-4.el6_2.x86_64 [1.6 MiB] Changelog by Vít Ondruch (2011-12-19):
- Address CVE-2011-4815 "DoS (excessive CPU use) via hash meet-in-the-middle
  attacks (oCERT-2011-003)"
  * ruby-1.8.7-p352-CVE-2011-4815.patch
- Resolves: rhbz#768831
ruby-tcltk-1.8.7.352-3.el6.x86_64 [1.6 MiB] Changelog by Vít Ondruch (2011-08-12):
- mkconfig.rb: fix for continued lines.
  * ruby-1.8.7-p352-mkconfig.rb-fix-for-continued-lines.patch
- Resolves: rhbz#730287
ruby-tcltk-1.8.7.299-7.el6_1.1.x86_64 [1.6 MiB] Changelog by Vít Ondruch (2011-05-02):
- Address CVE-2011-1004 "Symlink race condition by removing directory trees in
  fileutils module"
  * ruby-1.8.7-CVE-2011-1004.patch
- Address CVE-2011-1005 "Untrusted codes able to modify arbitrary strings"
  * ruby-1.8.7-CVE-2011-1005.patch
- Address CVE-2011-0188 "memory corruption in BigDecimal on 64bit platforms"
  * ruby-1.8.7-CVE-2011-0188.patch
- Resolves: rhbz#709963

Listing created by Repoview-0.6.6-4.el7