Oval Definition:oval:org.mitre.oval:def:20949
Revision Date:2014-02-17Version:38
Title:RHSA-2013:0129: ruby security and bug fix update (Moderate)
Description:The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2013:0129
CVE-2012-4481
CVE-2012-4522
RHSA-2013:0129-00
Platform(s):CentOS Linux 5
Red Hat Enterprise Linux 5
Product(s):ruby
Definition Synopsis
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • ruby-tcltk is earlier than 0:1.8.5-27.el5
  • OR ruby-ri is earlier than 0:1.8.5-27.el5
  • OR ruby-rdoc is earlier than 0:1.8.5-27.el5
  • OR ruby-devel is earlier than 0:1.8.5-27.el5
  • OR ruby-mode is earlier than 0:1.8.5-27.el5
  • OR ruby is earlier than 0:1.8.5-27.el5
  • OR ruby-docs is earlier than 0:1.8.5-27.el5
  • OR ruby-libs is earlier than 0:1.8.5-27.el5
  • OR ruby-irb is earlier than 0:1.8.5-27.el5
    • BACK