On October 22, Canonical published a security notice detailing Ruby 1.8 vulnerabilities in its Ubuntu 12.10 (Quantal Quetzal) operating system.
According to Canonical, Ruby 1.8 could have allowed excessive access in untrusted programs. Shugo Maeda and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels.
An attacker could have used this flaw to bypass intended access restrictions.
These are the two Ruby 1.8 vulnerabilities found in packages for Ubuntu 12.10: CVE-2012-4466 and CVE-2012-4481.
As usual, you can click on each one to see how it affects your system, or go here for in-depth descriptions, as they affect other Linux operating systems as well.
The security flaws can be fixed if you upgrade your system(s) to the latest Ruby 1.8 package. To apply the update, run the Update Manager application.
In general, a standard system update will make all the necessary changes. A system restart won’t be necessary to implement the changes.