OVAL Reference oval:org.mitre.oval:def:23159

Oval Definition:

oval:org.mitre.oval:def:23159

Revision Date:	2014-05-26	Version:	32
Title:	ELSA-2011:0909: ruby security update (Moderate)
Description:	The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2009-4492 CVE-2010-0541 CVE-2011-0188 CVE-2011-1004 CVE-2011-1005 ELSA-2011:0909-01
Platform(s):	Oracle Linux 5	Product(s):	ruby
Definition Synopsis
Oracle Linux 5.x AND rpm test ruby-docs is earlier than 0:1.8.5-19.el5_6.1 OR ruby-ri is earlier than 0:1.8.5-19.el5_6.1 OR ruby-mode is earlier than 0:1.8.5-19.el5_6.1 OR ruby-tcltk is earlier than 0:1.8.5-19.el5_6.1 OR ruby-libs is earlier than 0:1.8.5-19.el5_6.1 OR ruby-irb is earlier than 0:1.8.5-19.el5_6.1 OR ruby-rdoc is earlier than 0:1.8.5-19.el5_6.1 OR ruby is earlier than 0:1.8.5-19.el5_6.1 OR ruby-devel is earlier than 0:1.8.5-19.el5_6.1