OVAL Reference oval:com.ubuntu.xenial:def:20181000119000

Oval Definition:

oval:com.ubuntu.xenial:def:20181000119000

Revision Date:	2018-03-07	Version:	1
Title:	CVE-2018-1000119 on Ubuntu 16.04 LTS (xenial) - medium.
Description:	Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-1000119
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND The 'ruby-rack-protection' package in xenial was vulnerable but has been fixed (note: '1.5.3-2+deb9u1build0.16.04.1').