Oval Definition:oval:org.mitre.oval:def:21638
Revision Date:2014-02-24Version:74
Title:RHSA-2011:0909: ruby security update (Moderate)
Description:The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2011:0909
CVE-2009-4492
CVE-2010-0541
CVE-2011-0188
CVE-2011-1004
CVE-2011-1005
RHSA-2011:0909-01
Platform(s):CentOS Linux 5
Red Hat Enterprise Linux 5
Product(s):ruby
Definition Synopsis
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • ruby-docs is earlier than 0:1.8.5-19.el5_6.1
  • OR ruby-ri is earlier than 0:1.8.5-19.el5_6.1
  • OR ruby-mode is earlier than 0:1.8.5-19.el5_6.1
  • OR ruby-tcltk is earlier than 0:1.8.5-19.el5_6.1
  • OR ruby-libs is earlier than 0:1.8.5-19.el5_6.1
  • OR ruby-irb is earlier than 0:1.8.5-19.el5_6.1
  • OR ruby-rdoc is earlier than 0:1.8.5-19.el5_6.1
  • OR ruby is earlier than 0:1.8.5-19.el5_6.1
  • OR ruby-devel is earlier than 0:1.8.5-19.el5_6.1
    • BACK