Stay Connected:

ELSA-2014-1912

ELSA-2014-1912 - ruby security update

Type:SECURITY
Severity:MODERATE
Release Date:2014-11-26

Description


[2.0.0.353-22]
- Fix REXML billion laughs attack via parameter entity expansion
(CVE-2014-8080).
Resolves: rhbz#1163998
- REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090).
Resolves: rhbz#1163998

[2.0.0.353-21]
- Fix off-by-one stack-based buffer overflow in the encodes() function
(CVE-2014-4975)
Resolves: rhbz#1163998

[2.0.0.353-21]
- Fix FTBFS with new tzdata
Related: rhbz#1163998


Related CVEs


CVE-2014-8080
CVE-2014-8090
CVE-2014-4975

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) ruby-2.0.0.353-22.el7_0.src.rpm310900b5bec2c648e9cae012e5fa2613ELSA-2019-2028
ruby-2.0.0.353-22.el7_0.x86_64.rpm484ea285c8c25fddd7b61db6d681be71ELSA-2019-2028
ruby-devel-2.0.0.353-22.el7_0.x86_64.rpm02f6120be76af888f0748e8f25582e5eELSA-2019-2028
ruby-doc-2.0.0.353-22.el7_0.noarch.rpm6727005a04c5f4d999e121e8798dcb46ELSA-2019-2028
ruby-irb-2.0.0.353-22.el7_0.noarch.rpm3ef04e33ecf7399f8cb91b24562df9e7ELSA-2019-2028
ruby-libs-2.0.0.353-22.el7_0.i686.rpmc41ca0353bbe3c393663ae85bd16e9d9ELSA-2019-2028
ruby-libs-2.0.0.353-22.el7_0.x86_64.rpmd8d94eebed737a67b3c960d0a1367e28ELSA-2019-2028
ruby-tcltk-2.0.0.353-22.el7_0.x86_64.rpm0930d0c12918f987b680456a896c5c5dELSA-2019-2028
rubygem-bigdecimal-1.2.0-22.el7_0.x86_64.rpm77325b7366108104d267eefc5f096c8fELSA-2019-2028
rubygem-io-console-0.4.2-22.el7_0.x86_64.rpm56954372cb37d24a23ef2d17be1ad564ELSA-2019-2028
rubygem-json-1.7.7-22.el7_0.x86_64.rpm20df06178bf192dfd319456e31fbfd03ELSA-2019-2028
rubygem-minitest-4.3.2-22.el7_0.noarch.rpmd10624acad8f9de035020b23686ec7efELSA-2019-2028
rubygem-psych-2.0.0-22.el7_0.x86_64.rpm402a20463ebf9df2f3fe31b6677c7095ELSA-2019-2028
rubygem-rake-0.9.6-22.el7_0.noarch.rpm53788363af511595a53ba02c2727fff9ELSA-2019-2028
rubygem-rdoc-4.0.0-22.el7_0.noarch.rpmda801fac9abdc669e492e3fa7855f0c6ELSA-2019-2028
rubygems-2.0.14-22.el7_0.noarch.rpmf5b6eae90226bef883c65b37cbd50787ELSA-2019-2028
rubygems-devel-2.0.14-22.el7_0.noarch.rpm55b087be1bce5c5d5ec993a8a6cc8d17ELSA-2019-2028



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights