Advisories for Gem/Echor package

2018

Credential information exposure

The echor Gem for Ruby exposes credential information in the system process listing. This may allow a local attacker to read the credentials in plaintext.

Arbitrary Command Execution

The echor Gem for Ruby contains a flaw in the perform_request function in backplane.rb that is triggered when a semicolon (;) is injected into a username or password. This may allow a context-dependent attacker to inject arbitrary commands if the gem is used in a Ruby on Rails (RoR) application.
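
The sketch below is an added example of the bug class behind both advisories above. It is not echor's code: the helper names are hypothetical, and a child Ruby process that prints its own argv stands in for whatever external program is invoked (an assumption, since the page does not show the call). It contrasts a shell-interpolated command string with an argv-array call and with passing the credential over stdin.

```ruby
require "open3"
require "rbconfig"
require "shellwords"

RUBY = RbConfig.ruby
# Stand-in for the external program: prints the argv it was started with,
# which is what a process listing shows to other local users.
SHOW_ARGV = 'print ARGV.inspect'

# Flawed pattern: credentials interpolated into one string that /bin/sh parses.
# Only the interpreter path is escaped here; the credentials are not.
def run_via_shell(user, password)
  cmd = "#{Shellwords.escape(RUBY)} -e '#{SHOW_ARGV}' -- -u #{user}:#{password}"
  out, _status = Open3.capture2(cmd)
  out
end

# No shell: each argument reaches the child unchanged, so ';' is plain data.
# The credential is still in argv, so the process listing still shows it.
def run_argv(user, password)
  out, _status = Open3.capture2(RUBY, "-e", SHOW_ARGV, "--", "-u", "#{user}:#{password}")
  out
end

# No shell and nothing secret in argv: the credential travels over stdin.
READ_STDIN = 'print [ARGV, STDIN.read.split(":", 2).last].inspect'

def run_stdin(user, password)
  out, _status = Open3.capture2(RUBY, "-e", READ_STDIN, stdin_data: "#{user}:#{password}")
  out
end

if __FILE__ == $PROGRAM_NAME
  user, password = "alice", "pw; echo second-command" # constructed sample values
  puts run_via_shell(user, password) # shell splits the line at ';'
  puts run_argv(user, password)      # one intact argument, but visible in argv
  puts run_stdin(user, password)     # empty argv, password intact
end
```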