Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2014-1913)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.122872
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2014-1913)
Summary:	The remote host is missing an update for the 'ruby193-ruby' package(s) announced via the ELSA-2014-1913 advisory.
Description:	Summary: The remote host is missing an update for the 'ruby193-ruby' package(s) announced via the ELSA-2014-1913 advisory. Vulnerability Insight: [1.9.3.484-50.0.1] - fix build issue: self test report 'dh key to small' [1.9.3.484-50] - Fix off-by-one stack-based buffer overflow in the encodes() function (CVE-2014-4975). Related: rhbz#1164004 - Fix REXML billion laughs attack via parameter entity expansion (CVE-2014-8080). Related: rhbz#1164004 - REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090). Related: rhbz#1164004 Affected Software/OS: 'ruby193-ruby' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-4975 BugTraq ID: 68474 http://www.securityfocus.com/bid/68474 Debian Security Information: DSA-3157 (Google Search) http://www.debian.org/security/2015/dsa-3157 http://www.mandriva.com/security/advisories?name=MDVSA-2015:129 http://www.openwall.com/lists/oss-security/2014/07/09/13 RedHat Security Advisories: RHSA-2014:1912 http://rhn.redhat.com/errata/RHSA-2014-1912.html RedHat Security Advisories: RHSA-2014:1913 http://rhn.redhat.com/errata/RHSA-2014-1913.html RedHat Security Advisories: RHSA-2014:1914 http://rhn.redhat.com/errata/RHSA-2014-1914.html http://www.ubuntu.com/usn/USN-2397-1 XForce ISS Database: ruby-cve20144975-bo(94706) https://exchange.xforce.ibmcloud.com/vulnerabilities/94706 Common Vulnerability Exposure (CVE) ID: CVE-2014-8080 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html BugTraq ID: 70935 http://www.securityfocus.com/bid/70935 Debian Security Information: DSA-3159 (Google Search) http://www.debian.org/security/2015/dsa-3159 RedHat Security Advisories: RHSA-2014:1911 http://rhn.redhat.com/errata/RHSA-2014-1911.html http://secunia.com/advisories/61607 http://secunia.com/advisories/62050 http://secunia.com/advisories/62748 SuSE Security Announcement: openSUSE-SU-2014:1589 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-12/msg00035.html SuSE Security Announcement: openSUSE-SU-2015:0002 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-01/msg00000.html SuSE Security Announcement: openSUSE-SU-2015:0007 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-01/msg00004.html Common Vulnerability Exposure (CVE) ID: CVE-2014-8090 BugTraq ID: 71230 http://www.securityfocus.com/bid/71230 http://secunia.com/advisories/59948 http://www.ubuntu.com/usn/USN-2412-1
Copyright	Copyright (C) 2016 Greenbone AG