Oval Definition:	oval:org.cisecurity:def:209
Revision Date: 2016-02-08 Version: 2 Title: DSA-3322-1 -- ruby-rack -- security update Description: Tomek Rabczak from the NCC Group discovered a flaw in the normalize_params() method in Rack, a modular Ruby webserver interface. A remote attacker can use this flaw via specially crafted requests to cause a `SystemStackError` and potentially cause a denial of service condition for the service. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2015-3225 DSA-3322-1 Platform(s): Debian 8 Debian GNU/kFreeBSD 7.0 Debian GNU/Linux 7.0 Product(s): ruby-rack Definition Synopsis Debian 7 Debian 7 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed OR Debian GNU/kFreeBSD is installed AND ruby-rack is earlier than 0:1.4.1-2.1+deb7u1 OR Debian 8 Debian 8 is installed AND ruby-rack is earlier than 0:1.5.2-3+deb8u1
BACK