OVAL Reference oval:org.mitre.oval:def:23161

Oval Definition:

oval:org.mitre.oval:def:23161

Revision Date:	2014-05-26	Version:	13
Title:	ELSA-2013:0611: ruby security update (Moderate)
Description:	lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2013-1821 ELSA-2013:0611-00
Platform(s):	Oracle Linux 5	Product(s):	ruby
Definition Synopsis
Oracle Linux 5.x AND rpm test ruby-devel is earlier than 0:1.8.5-29.el5_9 OR ruby-tcltk is earlier than 0:1.8.5-29.el5_9 OR ruby-docs is earlier than 0:1.8.5-29.el5_9 OR ruby-rdoc is earlier than 0:1.8.5-29.el5_9 OR ruby-ri is earlier than 0:1.8.5-29.el5_9 OR ruby is earlier than 0:1.8.5-29.el5_9 OR ruby-mode is earlier than 0:1.8.5-29.el5_9 OR ruby-irb is earlier than 0:1.8.5-29.el5_9 OR ruby-libs is earlier than 0:1.8.5-29.el5_9