ALAS-2016-632


Amazon Linux AMI Security Advisory: ALAS-2016-632
Advisory Release Date: 2016-01-18 11:00 Pacific
Severity: Low
References: CVE-2015-7551 

Issue Overview:

DL::dlopen could open a library with tainted library name even if $SAFE > 0.


Affected Packages:

ruby19,ruby20,ruby21,ruby22


Issue Correction:
Run yum update ruby19 to update your system.
Run yum update ruby20 to update your system.
Run yum update ruby21 to update your system.
Run yum update ruby22 to update your system.

New Packages:
i686:
    rubygem22-psych-2.0.8-1.8.amzn1.i686
    ruby22-debuginfo-2.2.4-1.8.amzn1.i686
    ruby22-2.2.4-1.8.amzn1.i686
    rubygem22-io-console-0.4.3-1.8.amzn1.i686
    ruby22-devel-2.2.4-1.8.amzn1.i686
    ruby22-libs-2.2.4-1.8.amzn1.i686
    rubygem22-bigdecimal-1.2.6-1.8.amzn1.i686
    ruby21-libs-2.1.8-1.19.amzn1.i686
    rubygem21-io-console-0.4.3-1.19.amzn1.i686
    ruby21-devel-2.1.8-1.19.amzn1.i686
    ruby21-debuginfo-2.1.8-1.19.amzn1.i686
    rubygem21-psych-2.0.5-1.19.amzn1.i686
    rubygem21-bigdecimal-1.2.4-1.19.amzn1.i686
    ruby21-2.1.8-1.19.amzn1.i686
    rubygem19-io-console-0.3-32.70.amzn1.i686
    ruby19-libs-1.9.3.551-32.70.amzn1.i686
    rubygem19-bigdecimal-1.1.0-32.70.amzn1.i686
    ruby19-devel-1.9.3.551-32.70.amzn1.i686
    ruby19-1.9.3.551-32.70.amzn1.i686
    ruby19-doc-1.9.3.551-32.70.amzn1.i686
    rubygem19-json-1.5.5-32.70.amzn1.i686
    ruby19-debuginfo-1.9.3.551-32.70.amzn1.i686
    ruby20-2.0.0.648-1.29.amzn1.i686
    rubygem20-io-console-0.4.2-1.29.amzn1.i686
    ruby20-libs-2.0.0.648-1.29.amzn1.i686
    ruby20-debuginfo-2.0.0.648-1.29.amzn1.i686
    rubygem20-bigdecimal-1.2.0-1.29.amzn1.i686
    ruby20-devel-2.0.0.648-1.29.amzn1.i686
    rubygem20-psych-2.0.0-1.29.amzn1.i686

noarch:
    ruby22-irb-2.2.4-1.8.amzn1.noarch
    rubygems22-devel-2.4.5.1-1.8.amzn1.noarch
    ruby22-doc-2.2.4-1.8.amzn1.noarch
    rubygems22-2.4.5.1-1.8.amzn1.noarch
    ruby21-doc-2.1.8-1.19.amzn1.noarch
    ruby21-irb-2.1.8-1.19.amzn1.noarch
    rubygems21-devel-2.2.5-1.19.amzn1.noarch
    rubygems21-2.2.5-1.19.amzn1.noarch
    rubygems19-1.8.23.2-32.70.amzn1.noarch
    rubygems19-devel-1.8.23.2-32.70.amzn1.noarch
    rubygem19-rake-0.9.2.2-32.70.amzn1.noarch
    ruby19-irb-1.9.3.551-32.70.amzn1.noarch
    rubygem19-minitest-2.5.1-32.70.amzn1.noarch
    rubygem19-rdoc-3.9.5-32.70.amzn1.noarch
    rubygems20-2.0.14.1-1.29.amzn1.noarch
    ruby20-doc-2.0.0.648-1.29.amzn1.noarch
    rubygems20-devel-2.0.14.1-1.29.amzn1.noarch
    ruby20-irb-2.0.0.648-1.29.amzn1.noarch

src:
    ruby22-2.2.4-1.8.amzn1.src
    ruby21-2.1.8-1.19.amzn1.src
    ruby19-1.9.3.551-32.70.amzn1.src
    ruby20-2.0.0.648-1.29.amzn1.src

x86_64:
    ruby22-devel-2.2.4-1.8.amzn1.x86_64
    ruby22-libs-2.2.4-1.8.amzn1.x86_64
    rubygem22-io-console-0.4.3-1.8.amzn1.x86_64
    ruby22-debuginfo-2.2.4-1.8.amzn1.x86_64
    rubygem22-psych-2.0.8-1.8.amzn1.x86_64
    rubygem22-bigdecimal-1.2.6-1.8.amzn1.x86_64
    ruby22-2.2.4-1.8.amzn1.x86_64
    rubygem21-bigdecimal-1.2.4-1.19.amzn1.x86_64
    ruby21-2.1.8-1.19.amzn1.x86_64
    rubygem21-psych-2.0.5-1.19.amzn1.x86_64
    ruby21-debuginfo-2.1.8-1.19.amzn1.x86_64
    ruby21-devel-2.1.8-1.19.amzn1.x86_64
    ruby21-libs-2.1.8-1.19.amzn1.x86_64
    rubygem21-io-console-0.4.3-1.19.amzn1.x86_64
    ruby19-devel-1.9.3.551-32.70.amzn1.x86_64
    rubygem19-bigdecimal-1.1.0-32.70.amzn1.x86_64
    ruby19-libs-1.9.3.551-32.70.amzn1.x86_64
    rubygem19-io-console-0.3-32.70.amzn1.x86_64
    ruby19-doc-1.9.3.551-32.70.amzn1.x86_64
    ruby19-debuginfo-1.9.3.551-32.70.amzn1.x86_64
    ruby19-1.9.3.551-32.70.amzn1.x86_64
    rubygem19-json-1.5.5-32.70.amzn1.x86_64
    ruby20-debuginfo-2.0.0.648-1.29.amzn1.x86_64
    rubygem20-bigdecimal-1.2.0-1.29.amzn1.x86_64
    ruby20-2.0.0.648-1.29.amzn1.x86_64
    ruby20-libs-2.0.0.648-1.29.amzn1.x86_64
    rubygem20-psych-2.0.0-1.29.amzn1.x86_64
    ruby20-devel-2.0.0.648-1.29.amzn1.x86_64
    rubygem20-io-console-0.4.2-1.29.amzn1.x86_64