ELSA-2014-1913

ULN >
Oracle Linux Errata repository >
ELSA-2014-1913

ELSA-2014-1913 - ruby193-ruby security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2016-02-04

Description

[1.9.3.484-50.0.1]
- fix build issue: self test report 'dh key to small'

[1.9.3.484-50]
- Fix off-by-one stack-based buffer overflow in the encodes() function
(CVE-2014-4975).
Related: rhbz#1164004
- Fix REXML billion laughs attack via parameter entity expansion
(CVE-2014-8080).
Related: rhbz#1164004
- REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090).
Related: rhbz#1164004

Related CVEs

CVE-2014-8080

CVE-2014-8090

CVE-2014-4975

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 6 (x86_64)	ruby193-ruby-1.9.3.484-50.0.1.el6.src.rpm	0cc5d9b8b7e6b6ae5115b481a0cf038f	-
	ruby193-ruby-1.9.3.484-50.0.1.el6.x86_64.rpm	48a25189f827988e8697e0564618ad8c	-
	ruby193-ruby-devel-1.9.3.484-50.0.1.el6.x86_64.rpm	8f8010e9f8832a382b262a2a33e3ae2f	-
	ruby193-ruby-doc-1.9.3.484-50.0.1.el6.x86_64.rpm	6a35370f2cc6ab0946c6d798c9675ddb	-
	ruby193-ruby-irb-1.9.3.484-50.0.1.el6.noarch.rpm	1dafb86adda4f796ec9bb6036a643377	-
	ruby193-ruby-libs-1.9.3.484-50.0.1.el6.x86_64.rpm	6619199e831ce1ee40bb4113bafcc7df	-
	ruby193-ruby-tcltk-1.9.3.484-50.0.1.el6.x86_64.rpm	1c53ac928e68bc51b931189ec570d01a	-
	ruby193-rubygem-bigdecimal-1.1.0-50.0.1.el6.x86_64.rpm	e71a65af9d3eb971f9b3eff2f45a9bea	-
	ruby193-rubygem-io-console-0.3-50.0.1.el6.x86_64.rpm	6516cecdf1b29e2cea40d313a8f4623a	-
	ruby193-rubygem-json-1.5.5-50.0.1.el6.x86_64.rpm	c5e71d0bc2390035c58f4e5d4f44463f	-
	ruby193-rubygem-minitest-2.5.1-50.0.1.el6.noarch.rpm	d03c4b4d44e6a7024f09774ef61eba0d	-
	ruby193-rubygem-rake-0.9.2.2-50.0.1.el6.noarch.rpm	9be90849a91654db35f21e208ff919a9	-
	ruby193-rubygem-rdoc-3.9.5-50.0.1.el6.x86_64.rpm	f025525738fe6a3f132cf8e79d2368e8	-
	ruby193-rubygems-1.8.23-50.0.1.el6.noarch.rpm	b552143379d40f90d591533b4cbb0574	-
	ruby193-rubygems-devel-1.8.23-50.0.1.el6.noarch.rpm	b8863de6552fd19398f393511346e85b	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691