New Search

ELSA-2014-1911 -- ruby security update (moderate)

oval:org.mitre.oval:def:28027

[1.8.7.374-3] - Fix REXML billion laughs attack via parameter entity expansion (CVE-2014-8080). Resolves: rhbz#1163993 - REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090). Resolves: rhbz#1163993

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 6
Class:
patch
Reference(s):
  • ELSA-2014-1911
  • CVE-2014-8080
  • CVE-2014-8090
Product(s):
  • ruby