Oval Definition:oval:org.mitre.oval:def:28142
Revision Date:2015-01-26Version:10
Title:RHSA-2014:1911 -- ruby security update (Moderate)
Description:Ruby is an extensible, interpreted, object-oriented, scripting language.It has features to process text files and to perform system managementtasks.Multiple denial of service flaws were found in the way the Ruby REXML XMLparser performed expansion of parameter entities. A specially crafted XMLdocument could cause REXML to use an excessive amount of CPU and memory.(CVE-2014-8080, CVE-2014-8090)The CVE-2014-8090 issue was discovered by Red Hat Product Security.All ruby users are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. All running instancesof Ruby need to be restarted for this update to take effect.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2014:1911
CVE-2014-8080
CVE-2014-8090
RHSA-2014:1911
Platform(s):CentOS Linux 6
Red Hat Enterprise Linux 6
Product(s):ruby
Definition Synopsis
  • Red Hat Enterprise Linux 6 and CentOS Linux 6 release section
  • Operation system section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages match section
  • ruby is earlier than 0:1.8.7.374-3.el6_6
  • OR ruby-devel is earlier than 0:1.8.7.374-3.el6_6
  • OR ruby-docs is earlier than 0:1.8.7.374-3.el6_6
  • OR ruby-irb is earlier than 0:1.8.7.374-3.el6_6
  • OR ruby-libs is earlier than 0:1.8.7.374-3.el6_6
  • OR ruby-rdoc is earlier than 0:1.8.7.374-3.el6_6
  • OR ruby-ri is earlier than 0:1.8.7.374-3.el6_6
  • OR ruby-static is earlier than 0:1.8.7.374-3.el6_6
  • OR ruby-tcltk is earlier than 0:1.8.7.374-3.el6_6
  • Red Hat Enterprise Linux 6 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND ruby-debuginfo is earlier than 0:1.8.7.374-3.el6_6
    • BACK