OVAL Reference oval:org.mitre.oval:def:21881

Oval Definition:

oval:org.mitre.oval:def:21881

Revision Date:	2014-02-24	Version:	44
Title:	RHSA-2011:0910: ruby security update (Moderate)
Description:	The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2011-0188 CVE-2011-1004 CVE-2011-1005 RHSA-2011:0910-01
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	ruby
Definition Synopsis
The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section ruby is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-rdoc is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-devel is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-tcltk is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-docs is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-static is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-libs is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-irb is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-ri is earlier than 0:1.8.7.299-7.el6_1.1