|ordinant||PSI database fix: Cygwin ruby.exe is not Rubyforge's ruby.exe|
|19th Mar, 2011 03:45|
User Since: 19th Mar, 2011
System Score: N/A
Last edited on 19th Mar, 2011 18:45
PSI is flagging the ruby.exe provided as part of the Cygwin package as insecure, but then provides a link to download a different Ruby installer from Rubyforge.org.
Please update your database to distinguish between Cygwin's ruby.exe and Rubyforge.org's ruby.exe. Cygwin users can only get updates from Cygwin, and if the Cygwin project does not yet offer a newer Ruby version, we just have to wait.
Actually, the PSI database should check the path of all executables it detects. If the path begins with [driveletter]:\Cygwin\bin, then send the user to http://cygwin.com to obtain updates, despite whatever other update URLs your database might currently think are appropriate.
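The path-based attribution rule proposed above, written out as an added example (not Secunia's or PSI's code): a detected instance whose path starts with any drive letter followed by \Cygwin\bin is routed to cygwin.com, everything else falls back to the upstream project's update link (rubyforge.org for ruby.exe, as the thread describes). The sample paths and the "Ruby192" install directory are constructed for the example.

```python
from pathlib import PureWindowsPath

# Installation prefixes whose packager, not the upstream project, ships updates.
# The drive letter is deliberately not part of the key so any drive matches.
# Constructed mapping for this example; cygwin.com is the URL named in the post.
PACKAGER_PREFIXES = {
    ("cygwin", "bin"): ("Cygwin", "http://cygwin.com"),
}

# Where PSI currently sends the user for a given file name (from the post).
UPSTREAM_UPDATE_URL = {
    "ruby.exe": "http://rubyforge.org",
}


def attribute_instance(detected_path: str) -> dict:
    """Decide where the user should fetch an update for one detected file.

    Rule from the post: if the path begins with <drive>:\\Cygwin\\bin, point
    the user at cygwin.com regardless of the upstream URL. Matching is
    case-insensitive and accepts forward slashes, since NTFS path lookups are
    case-insensitive and Windows APIs accept either separator.
    """
    p = PureWindowsPath(detected_path)
    parts = [part.lower() for part in p.parts]
    if p.anchor:            # drop 'c:\\' (or a bare '\\') so any drive matches
        parts = parts[1:]
    prefix = tuple(parts[:2])
    filename = p.name.lower()
    if prefix in PACKAGER_PREFIXES:
        vendor, url = PACKAGER_PREFIXES[prefix]
        return {"file": filename, "vendor": vendor, "update_url": url}
    return {
        "file": filename,
        "vendor": "upstream",
        "update_url": UPSTREAM_UPDATE_URL.get(filename, "<no update link known>"),
    }


if __name__ == "__main__":
    # Constructed detected instances: the same file name, two different packagers.
    for path in (r"C:\Cygwin\bin\ruby.exe",
                 r"d:/CYGWIN/BIN/ruby.exe",
                 r"C:\Ruby192\bin\ruby.exe"):
        print(path, "->", attribute_instance(path))
```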
|Anthony Wells||RE: PSI database fix: Cygwin ruby.exe is not Rubyforge's ruby.exe|
|20th Mar, 2011 14:00|
User Since: 19th Dec 2007
System Score: N/A
Last edited on 20th Mar, 2011 14:08
Secunia support are quite busy at the moment, but even so do not work weekends on the PSI.
The PSI reports on insecure programmes, apps., etc., and seeks and reports the insecurities, e.g. a .dll or an .exe file, wherever it can find/see/get its hands on it; in this case the ruby.exe file is what it seeks, so whether it is possible to fine-tune the detection higher up the detected instance pathway is perhaps not so easy. Embedded "insecure" apps are considered the problem of the covering programme vendor, rather as you have remarked, but give the known update link to the insecurity, not to the vendor.
If a Secunia official does not pick up your thread early next week you may wish to contact them by email at email@example.com.
If not having a 100% PSI score is of concern, you can set an ignore rule for the "detected instance" while you wait for Cygwin to rectify the problem. Setting an ignore rule in the PSI version 2.0.x means the programme is neither scanned nor displayed.
Open the/any programme with the [+] to the lhs of the entry and there are two yellow(ish) folder icons to the left of the detected instance(s); the one with the red blob is used to set the ignore rule (it's in the Toolbox in PSI version 1.5.x).
It always seems impossible until it's done.