Oval Definition:	oval:com.ubuntu.precise:def:20112705000
Revision Date: 2011-08-05 Version: 1 Title: CVE-2011-2705 on Ubuntu 12.04 LTS (precise) - medium. Description: The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an earlier process with the same PID. Family: unix Class: vulnerability Status: Reference(s): CVE-2011-2705 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'ruby1.8' package in precise is not affected. OR NOT While related to the CVE in some way, the 'ruby1.9.1' package in precise is not affected.
BACK