Eric Hodel
4/22/2008 8:33:00 PM
On Apr 22, 2008, at 06:07 AM, Albert Schlef wrote:
> Sometimes, when I use 'gem' to install a package, say 'sudo gem
> install
> dbi', gem uses up all my memory and CPU, and, if I can't manage to
> arrive at a terminal and do 'sudo killall -9 ruby', I'm left with no
> choice but reboot my Ubuntu box.
>
> I'm using Ruby 1.8, gem 0.9.0.
Upgrade your RubyGems. 0.9.0 has a security vulnerability that allows
a malicious gem to overwrite any file on your filesystem.