DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "ri1.9.1": "1.9.3.484-2ubuntu1.3", "ruby1.9.1-dbgsym": "1.9.3.484-2ubuntu1.3", "libruby1.9.1-dbg": "1.9.3.484-2ubuntu1.3", "libtcltk-ruby1.9.1-dbgsym": "1.9.3.484-2ubuntu1.3", "libtcltk-ruby1.9.1": "1.9.3.484-2ubuntu1.3", "libruby1.9.1": "1.9.3.484-2ubuntu1.3", "ruby1.9.1-dev-dbgsym": "1.9.3.484-2ubuntu1.3", "libruby1.9.1-dbgsym": "1.9.3.484-2ubuntu1.3", "ruby1.9.1-dev": "1.9.3.484-2ubuntu1.3", "ruby1.9.3": "1.9.3.484-2ubuntu1.3", "ruby1.9.1-full": "1.9.3.484-2ubuntu1.3", "ruby1.9.1-examples": "1.9.3.484-2ubuntu1.3", "ruby1.9.1": "1.9.3.484-2ubuntu1.3" } ] }