Oval Definition:oval:org.mitre.oval:def:28303
Revision Date:2015-01-26Version:10
Title:ELSA-2014-1912 -- ruby security update (moderate)
Description:[2.0.0.353-22]- Fix REXML billion laughs attack via parameter entity expansion (CVE-2014-8080). Resolves: rhbz#1163998- REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090). Resolves: rhbz#1163998[2.0.0.353-21]- Fix off-by-one stack-based buffer overflow in the encodes() function (CVE-2014-4975) Resolves: rhbz#1163998[2.0.0.353-21]- Fix FTBFS with new tzdata Related: rhbz#1163998
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-4975
CVE-2014-8080
CVE-2014-8090
ELSA-2014-1912
Platform(s):Oracle Linux 7
Product(s):ruby
Definition Synopsis
  • Oracle Linux 7.x
  • AND Packages match section
  • ruby is earlier than 0:2.0.0.353-22.el7_0
  • OR ruby-devel is earlier than 0:2.0.0.353-22.el7_0
  • OR ruby-doc is earlier than 0:2.0.0.353-22.el7_0
  • OR ruby-irb is earlier than 0:2.0.0.353-22.el7_0
  • OR ruby-libs is earlier than 0:2.0.0.353-22.el7_0
  • OR ruby-tcltk is earlier than 0:2.0.0.353-22.el7_0
  • OR rubygem-bigdecimal is earlier than 0:1.2.0-22.el7_0
  • OR rubygem-io-console is earlier than 0:0.4.2-22.el7_0
  • OR rubygem-json is earlier than 0:1.7.7-22.el7_0
  • OR rubygem-minitest is earlier than 0:4.3.2-22.el7_0
  • OR rubygem-psych is earlier than 0:2.0.0-22.el7_0
  • OR rubygem-rake is earlier than 0:0.9.6-22.el7_0
  • OR rubygem-rdoc is earlier than 0:4.0.0-22.el7_0
  • OR rubygems is earlier than 0:2.0.14-22.el7_0
  • OR rubygems-devel is earlier than 0:2.0.14-22.el7_0
    • BACK