Sha256: bd52bd470f60da0fa50898852e6131b47a838c69da027773fa59365395e13200

Contents?: true

Size: 593 Bytes

Versions: 6

Compression:

Stored size: 593 Bytes

Contents

---
engine: ruby
cve: 2011-3009
url: https://osdir.com/ml/lang-ruby-core/2011-01/msg00917.html
title: |
  Ruby Properly initialize the random number generator when forking new process
date: 2011-07-02
description: |
  Ruby before 1.8.6-p114 does not reset the random seed upon forking, which
  makes it easier for context-dependent attackers to predict the values of
  random numbers by leveraging knowledge of the number sequence obtained in a
  different child process, a related issue to CVE-2003-0900. 
cvss_v2: 5.0
unaffected_versions:
  - ">= 1.9.2"
patched_versions:
  - ">= 1.8.6.114"

Version data entries

6 entries across 6 versions & 2 rubygems

Version                Path
bundler-audit-0.7.0.1  data/ruby-advisory-db/rubies/ruby/CVE-2011-3009.yml
bundler-budit-0.6.2    data/ruby-advisory-db/rubies/ruby/CVE-2011-3009.yml
bundler-budit-0.6.1    data/ruby-advisory-db/rubies/ruby/CVE-2011-3009.yml
bundler-audit-0.6.1    data/ruby-advisory-db/rubies/ruby/CVE-2011-3009.yml
bundler-audit-0.6.0    data/ruby-advisory-db/rubies/ruby/CVE-2011-3009.yml
bundler-audit-0.5.0    data/ruby-advisory-db/rubies/ruby/CVE-2011-3009.yml