Oval Definition:	oval:org.mitre.oval:def:21785
Revision Date: 2014-05-26 Version: 40 Title: ELSA-2008:0897: ruby security update (Moderate) Description: resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2008-1145 CVE-2008-3443 CVE-2008-3655 CVE-2008-3656 CVE-2008-3657 CVE-2008-3790 CVE-2008-3905 ELSA-2008:0897-01 Platform(s): Oracle Linux 5 Product(s): ruby Definition Synopsis Oracle Linux 5.x AND rpm test ruby-docs is earlier than 0:1.8.5-5.el5_2.5 OR ruby-ri is earlier than 0:1.8.5-5.el5_2.5 OR ruby-mode is earlier than 0:1.8.5-5.el5_2.5 OR ruby-tcltk is earlier than 0:1.8.5-5.el5_2.5 OR ruby-libs is earlier than 0:1.8.5-5.el5_2.5 OR ruby-irb is earlier than 0:1.8.5-5.el5_2.5 OR ruby-rdoc is earlier than 0:1.8.5-5.el5_2.5 OR ruby is earlier than 0:1.8.5-5.el5_2.5 OR ruby-devel is earlier than 0:1.8.5-5.el5_2.5
BACK