CVE-2011-2686

Common Vulnerabilities and Exposures

Upstream information

CVE-2011-2686 at MITRE

Description

Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development.
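The effect described above, as an added Ruby sketch that is not part of the advisory or of Ruby's own code. Fixed interpreters reset the seed in the child, so the sketch uses an explicitly seeded `Random` object created before `fork` as a constructed stand-in for the inherited generator; `collect_from_children`, `SHARED_RNG` and the two `draws_*` helpers are hypothetical names.

```ruby
# Run the block in `count` forked children and return each child's result.
def collect_from_children(count)
  Array.new(count) do
    reader, writer = IO.pipe
    pid = fork do
      reader.close
      writer.write(Marshal.dump(yield))
      writer.close
      exit!(0) # skip at_exit handlers inherited from the parent
    end
    writer.close
    data = reader.read
    reader.close
    Process.wait(pid)
    Marshal.load(data)
  end
end

# Constructed stand-in for a generator that was seeded once, before forking.
SHARED_RNG = Random.new(2011)

# Each child inherits a copy of the same generator state, so every child
# draws the same sequence: seeing one child's output reveals the others'.
def draws_without_reseed(children = 3)
  collect_from_children(children) { Array.new(4) { SHARED_RNG.rand(1_000_000) } }
end

# Mitigation mirroring the fix: take a fresh seed inside the child first.
def draws_with_reseed(children = 3)
  collect_from_children(children) do
    rng = Random.new(Random.new_seed)
    Array.new(4) { rng.rand(1_000_000) }
  end
end

if __FILE__ == $PROGRAM_NAME
  puts "no reseed: #{draws_without_reseed.inspect}"
  puts "reseeded:  #{draws_with_reseed.inspect}"
end
```

On a patched interpreter the default generator no longer needs this handling, but any generator object an application seeds itself before forking workers still does.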

SUSE information

CVSS v2 Scores (National Vulnerability Database)
  Base Score: 4.96
  Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
  Access Vector: Network
  Access Complexity: Low
  Authentication: None
  Confidentiality Impact: Partial
  Integrity Impact: None
  Availability Impact: None
SUSE Bugzilla entry: 704409 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Studio Onsite Runner 1.2
  • ruby-devel >= 1.8.7.p357-0.7.1
Patchnames:
slestso12-ruby-187p357
SUSE Studio Onsite 1.2 [Appliance - Studio]
SUSE Studio Standard Edition 1.2
WebYaST 1.2
  • ruby-dbus >= 0.4.0-0.9.4
  • ruby-devel >= 1.8.7.p357-0.7.1
webyast12.x86-64
SAT Patch Nr: 5715
SUSE Studio Extension for System z 1.2
  • ruby-devel >= 1.8.7.p357-0.7.1
webyast12.x86-64
SAT Patch Nr: 5715
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for x86
  • ruby >= 1.8.6.p369-0.14.1
Builds
ZYPP Patch Nr: 8524
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for X86-64
SLE SDK 10 SP4 for x86
  • ruby >= 1.8.6.p369-0.14.1
  • ruby-devel >= 1.8.6.p369-0.14.1
  • ruby-doc-html >= 1.8.6.p369-0.14.1
  • ruby-doc-ri >= 1.8.6.p369-0.14.1
  • ruby-examples >= 1.8.6.p369-0.14.1
  • ruby-test-suite >= 1.8.6.p369-0.14.1
  • ruby-tk >= 1.8.6.p369-0.14.1
Builds
ZYPP Patch Nr: 8524
openSUSE 11.4
  • ruby >= 1.8.7.p357-0.2.1
  • ruby-devel >= 1.8.7.p357-0.2.1
  • ruby-doc-html >= 1.8.7.p357-0.2.1
  • ruby-doc-ri >= 1.8.7.p357-0.2.1
  • ruby-examples >= 1.8.7.p357-0.2.1
  • ruby-test-suite >= 1.8.7.p357-0.2.1
  • ruby-tk >= 1.8.7.p357-0.2.1
SUSE Linux Enterprise Software Development Kit 11 SP1
  • ruby-devel >= 1.8.7.p357-0.7.1
  • ruby-doc-html >= 1.8.7.p357-0.7.1
  • ruby-doc-ri >= 1.8.7.p357-0.7.1
  • ruby-examples >= 1.8.7.p357-0.7.1
  • ruby-test-suite >= 1.8.7.p357-0.7.1
  • ruby-tk >= 1.8.7.p357-0.7.1
webyast11.x86
sles11-sp1.ppc
slms1.1.x86-64
sle11-sp1-sdk.s390x
webyast11.x86-64
sled11-sp1.x86
sles11-sp1.x86-64
studioonsite1.1.x86-64
sle11-sp1-sdk.ia64
sle11-sp1-sdk.x86
sled11-sp1.x86-64
sles11-sp1.s390x
sles11-sp1-vmware.x86-64
sles11-sp1.ia64
sles11-sp1.x86
sles11-sp1-vmware.x86
sle11-sp1-sdk.ppc
sle11-sp1-sdk.x86-64
SAT Patch Nr: 5716
SUSE Linux Enterprise Software Development Kit 11 SP1
  • ruby-devel >= 1.8.7.p357-0.7.1
  • ruby-doc-ri >= 1.8.7.p357-0.7.1
  • ruby-examples >= 1.8.7.p357-0.7.1
  • ruby-test-suite >= 1.8.7.p357-0.7.1
webyast11.x86
sles11-sp1.ppc
slms1.1.x86-64
sle11-sp1-sdk.s390x
webyast11.x86-64
sled11-sp1.x86
sles11-sp1.x86-64
studioonsite1.1.x86-64
sle11-sp1-sdk.ia64
sle11-sp1-sdk.x86
sled11-sp1.x86-64
sles11-sp1.s390x
sles11-sp1-vmware.x86-64
sles11-sp1.ia64
sles11-sp1.x86
sles11-sp1-vmware.x86
sle11-sp1-sdk.ppc
sle11-sp1-sdk.x86-64
SAT Patch Nr: 5716
SUSE Lifecycle Management Server 1.1 [Appliance - Tools]
SUSE Studio Onsite 1.1 [Appliance - Studio]
  • ruby-dbus >= 0.4.0-0.9.4
  • ruby-devel >= 1.8.7.p357-0.7.1
webyast11.x86
sles11-sp1.ppc
slms1.1.x86-64
sle11-sp1-sdk.s390x
webyast11.x86-64
sled11-sp1.x86
sles11-sp1.x86-64
studioonsite1.1.x86-64
sle11-sp1-sdk.ia64
sle11-sp1-sdk.x86
sled11-sp1.x86-64
sles11-sp1.s390x
sles11-sp1-vmware.x86-64
sles11-sp1.ia64
sles11-sp1.x86
sles11-sp1-vmware.x86
sle11-sp1-sdk.ppc
sle11-sp1-sdk.x86-64
SAT Patch Nr: 5716
SUSE Linux Enterprise Desktop 11 SP1
  • ruby >= 1.8.7.p357-0.7.1
webyast11.x86
sles11-sp1.ppc
slms1.1.x86-64
sle11-sp1-sdk.s390x
webyast11.x86-64
sled11-sp1.x86
sles11-sp1.x86-64
studioonsite1.1.x86-64
sle11-sp1-sdk.ia64
sle11-sp1-sdk.x86
sled11-sp1.x86-64
sles11-sp1.s390x
sles11-sp1-vmware.x86-64
sles11-sp1.ia64
sles11-sp1.x86
sles11-sp1-vmware.x86
sle11-sp1-sdk.ppc
sle11-sp1-sdk.x86-64
SAT Patch Nr: 5716
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
  • ruby >= 1.8.7.p357-0.7.1
  • ruby-doc-html >= 1.8.7.p357-0.7.1
  • ruby-tk >= 1.8.7.p357-0.7.1
webyast11.x86
sles11-sp1.ppc
slms1.1.x86-64
sle11-sp1-sdk.s390x
webyast11.x86-64
sled11-sp1.x86
sles11-sp1.x86-64
studioonsite1.1.x86-64
sle11-sp1-sdk.ia64
sle11-sp1-sdk.x86
sled11-sp1.x86-64
sles11-sp1.s390x
sles11-sp1-vmware.x86-64
sles11-sp1.ia64
sles11-sp1.x86
sles11-sp1-vmware.x86
sle11-sp1-sdk.ppc
sle11-sp1-sdk.x86-64
SAT Patch Nr: 5716
openSUSE 11.4
  • ruby >= 1.8.7.p357-0.2.1
  • ruby-debuginfo >= 1.8.7.p357-0.2.1
  • ruby-debugsource >= 1.8.7.p357-0.2.1
  • ruby-devel >= 1.8.7.p357-0.2.1
  • ruby-doc-html >= 1.8.7.p357-0.2.1
  • ruby-doc-ri >= 1.8.7.p357-0.2.1
  • ruby-examples >= 1.8.7.p357-0.2.1
  • ruby-test-suite >= 1.8.7.p357-0.2.1
  • ruby-tk >= 1.8.7.p357-0.2.1
  • ruby-tk-debuginfo >= 1.8.7.p357-0.2.1
Patchnames:
ruby