Advisories » MGASA-2016-0276

Updated ruby-eventmachine packages fix security vulnerability

Publication date: 06 Aug 2016
Modification date: 06 Aug 2016
Type: security
Affected Mageia releases : 5

Description

EventMachine could be crashed by opening a high number of parallel
connections (>= 1024) towards a server using the EventMachine engine. The
crash happens due to the file descriptors overwriting the stack.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=18988
• http://lwn.net/Alerts/694766/
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678512
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696015

SRPMS

5/core

• ruby-eventmachine-1.0.3-3.1.mga5