Oval Definition:oval:org.mitre.oval:def:20593
Revision Date:2014-02-17Version:39
Title:RHSA-2013:0612: ruby security update (Moderate)
Description:lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2013:0612
CVE-2012-4481
CVE-2013-1821
RHSA-2013:0612-01
Platform(s):CentOS Linux 6
Red Hat Enterprise Linux 6
Product(s):ruby
Definition Synopsis
  • Redhat 6 or Centos 6 release
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • ruby is earlier than 0:1.8.7.352-10.el6_4
  • OR ruby-rdoc is earlier than 0:1.8.7.352-10.el6_4
  • OR ruby-devel is earlier than 0:1.8.7.352-10.el6_4
  • OR ruby-tcltk is earlier than 0:1.8.7.352-10.el6_4
  • OR ruby-docs is earlier than 0:1.8.7.352-10.el6_4
  • OR ruby-static is earlier than 0:1.8.7.352-10.el6_4
  • OR ruby-irb is earlier than 0:1.8.7.352-10.el6_4
  • OR ruby-libs is earlier than 0:1.8.7.352-10.el6_4
  • OR ruby-ri is earlier than 0:1.8.7.352-10.el6_4
    • BACK