OVAL Reference oval:org.mitre.oval:def:23508

Oval Definition:

oval:org.mitre.oval:def:23508

Revision Date:	2014-05-26	Version:	26
Title:	ELSA-2011:0910: ruby security update (Moderate)
Description:	The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2011-0188 CVE-2011-1004 CVE-2011-1005 ELSA-2011:0910-01
Platform(s):	Oracle Linux 6	Product(s):	ruby
Definition Synopsis
Oracle Linux 6.x AND rpm test ruby is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-rdoc is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-devel is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-tcltk is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-docs is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-static is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-libs is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-irb is earlier than 0:1.8.7.299-7.el6_1.1 OR ruby-ri is earlier than 0:1.8.7.299-7.el6_1.1