--------------enig519367731218FEEFB9AFA4BF
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hello all.  This is a security fix for ruby 1.8.7.

A vulnerability was found in Ruby's BigDecimal stdlib.  That enables atta=
ckers
to cause ruby process segfault.  This release is to fix that issue.  For =
a
detailed info on the vulnerability please refer:

http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecim=
al/

Released tarballs are available at:

ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p173.tar.gz
ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p173.tar.bz2
ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p173.zip

and checksums:

MD5(ruby-1.8.7-p173.tar.gz)=3D 74fbd67496ab7cc4de896d053f1507a5
SHA256(ruby-1.8.7-p173.tar.gz)=3D 89ad16522f0a2f91e83e418e63cd27ec0fa6e40=
b17118c29f48b24468490a662
SIZE(ruby-1.8.7-p173.tar.gz)=3D 4823322

MD5(ruby-1.8.7-p173.tar.bz2)=3D bf297efaa24ec6cdb74963c0f608f6f1
SHA256(ruby-1.8.7-p173.tar.bz2)=3D 7cec49bc4afb82188ca4bdb5a0400ec7ede6bf=
0937af9dd6acaca4e54b8aa760
SIZE(ruby-1.8.7-p173.tar.bz2)=3D 4144667

MD5(ruby-1.8.7-p173.zip)=3D ef2f79470286bf885aeadb10c32ff379
SHA256(ruby-1.8.7-p173.zip)=3D 92e55401af85363955bac9c08366a9e1b144d4e4f7=
56cc3c552b4fd242bf540a
SIZE(ruby-1.8.7-p173.zip)=3D 5881664

Thank you.


--------------enig519367731218FEEFB9AFA4BF
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkou+/wACgkQuTXPUnA5eMJaOwCgggdVGviqwobmtb5YNZgU2/Oq
VlIAni+Y2b6Ekea8I9dTBulS7gTFEX6A
=JwuW
-----END PGP SIGNATURE-----

--------------enig519367731218FEEFB9AFA4BF--