[El-errata] ELSA-2014-1913 Moderate: Oracle Linux Software Collections 1.2 for Oracle Linux 6 ruby193-ruby security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Feb 5 13:49:35 PST 2016


Oracle Linux Software Collections Security Advisory ELSA-2014-1913

The following updated rpms for Oracle Linux Software Collections 1.2 for 
Oracle Linux 6 have been uploaded to the Unbreakable Linux Network:

x86_64:
ruby193-ruby-1.9.3.484-50.0.1.el6.x86_64.rpm
ruby193-ruby-devel-1.9.3.484-50.0.1.el6.x86_64.rpm
ruby193-ruby-doc-1.9.3.484-50.0.1.el6.x86_64.rpm
ruby193-ruby-irb-1.9.3.484-50.0.1.el6.noarch.rpm
ruby193-ruby-libs-1.9.3.484-50.0.1.el6.x86_64.rpm
ruby193-ruby-tcltk-1.9.3.484-50.0.1.el6.x86_64.rpm
ruby193-rubygem-bigdecimal-1.1.0-50.0.1.el6.x86_64.rpm
ruby193-rubygem-io-console-0.3-50.0.1.el6.x86_64.rpm
ruby193-rubygem-json-1.5.5-50.0.1.el6.x86_64.rpm
ruby193-rubygem-minitest-2.5.1-50.0.1.el6.noarch.rpm
ruby193-rubygem-rake-0.9.2.2-50.0.1.el6.noarch.rpm
ruby193-rubygem-rdoc-3.9.5-50.0.1.el6.x86_64.rpm
ruby193-rubygems-1.8.23-50.0.1.el6.noarch.rpm
ruby193-rubygems-devel-1.8.23-50.0.1.el6.noarch.rpm


SRPMS:
http://oss.oracle.com/SCL/1.2/OL6/SRPMS/ruby193-ruby-1.9.3.484-50.0.1.el6.src.rpm



Description of changes:

[1.9.3.484-50.0.1]
- fix build issue: self test report "dh key to small"

[1.9.3.484-50]
- Fix off-by-one stack-based buffer overflow in the encodes() function
   (CVE-2014-4975).
   Related: rhbz#1164004
- Fix REXML billion laughs attack via parameter entity expansion
   (CVE-2014-8080).
   Related: rhbz#1164004
- REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090).
   Related: rhbz#1164004





More information about the El-errata mailing list