Add advisory for ruby DL::Function#call issue, fixed in ruby-1.9.1-p129

[reedloden]

This was never assigned a CVE / OSVDB identifier (requested here), so it's not tracked at all:

• DL::Function#call could pass tainted arguments to a C function even if $SAFE > 0. https://github.com/ruby/ruby/commit/7269e3de3cee3bbb6ab77fc708f3a10cab00b65e

I requested one from MITRE, but they had some questions, which security@ruby-lang.org has yet to respond to: http://seclists.org/oss-sec/2015/q3/222. I just sent them another poke.

@JuanitoFatas, perhaps you can poke somebody to reply to my e-mail? ;)

[reedloden]

@unak just replied to my poke, but still lacking the correct info, I think.

[jasnow]

Found these possible references:

• https://www.openwall.com/lists/oss-security/2015/07/28/4
• https://nvd.nist.gov/vuln/detail/CVE-2013-2065
• https://www.ruby-lang.org/en/news/2013/05/14/taint-bypass-dl-fiddle-cve-2013-2065
  • https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2013-2065.yml

[postmodern]

Confirmed CVE-2013-2065 is discussing the DL::Function#call tainting issue.