Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2013-1764)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123518

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2013-1764)

Resumen: The remote host is missing an update for the 'ruby' package(s) announced via the ELSA-2013-1764 advisory.

Descripción: Summary:
The remote host is missing an update for the 'ruby' package(s) announced via the ELSA-2013-1764 advisory.

Vulnerability Insight:
[1.8.7.352-13]
- Workaround build issues against OpenSSL with enabled ECC curves.
- Make DRb compatible with OpenSSL 1.0.1.
* ruby-1.9.3-p222-generate-1024-bits-RSA-key-instead-of-512-bits.patch
- Fix CVE-2013-4164 Heap Overflow in Floating Point Parsing
* ruby-1.9.3-p484-CVE-2013-4164-ignore-too-long-fraction-part-which-does-not-affect-the-result.patch
- Resolves: rhbz#1033500

Affected Software/OS:
'ruby' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-4164
http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html
http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
BugTraq ID: 63873
http://www.securityfocus.com/bid/63873
Debian Security Information: DSA-2809 (Google Search)
http://www.debian.org/security/2013/dsa-2809
Debian Security Information: DSA-2810 (Google Search)
http://www.debian.org/security/2013/dsa-2810
http://osvdb.org/100113
RedHat Security Advisories: RHSA-2013:1763
http://rhn.redhat.com/errata/RHSA-2013-1763.html
RedHat Security Advisories: RHSA-2013:1764
http://rhn.redhat.com/errata/RHSA-2013-1764.html
RedHat Security Advisories: RHSA-2013:1767
http://rhn.redhat.com/errata/RHSA-2013-1767.html
RedHat Security Advisories: RHSA-2014:0011
http://rhn.redhat.com/errata/RHSA-2014-0011.html
RedHat Security Advisories: RHSA-2014:0215
http://rhn.redhat.com/errata/RHSA-2014-0215.html
http://secunia.com/advisories/55787
http://secunia.com/advisories/57376
SuSE Security Announcement: SUSE-SU-2013:1897 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00009.html
SuSE Security Announcement: openSUSE-SU-2013:1834 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00027.html
SuSE Security Announcement: openSUSE-SU-2013:1835 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00028.html
http://www.ubuntu.com/usn/USN-2035-1

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123518
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2013-1764)
Resumen:	The remote host is missing an update for the 'ruby' package(s) announced via the ELSA-2013-1764 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ruby' package(s) announced via the ELSA-2013-1764 advisory. Vulnerability Insight: [1.8.7.352-13] - Workaround build issues against OpenSSL with enabled ECC curves. - Make DRb compatible with OpenSSL 1.0.1. * ruby-1.9.3-p222-generate-1024-bits-RSA-key-instead-of-512-bits.patch - Fix CVE-2013-4164 Heap Overflow in Floating Point Parsing * ruby-1.9.3-p484-CVE-2013-4164-ignore-too-long-fraction-part-which-does-not-affect-the-result.patch - Resolves: rhbz#1033500 Affected Software/OS: 'ruby' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4164 http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html BugTraq ID: 63873 http://www.securityfocus.com/bid/63873 Debian Security Information: DSA-2809 (Google Search) http://www.debian.org/security/2013/dsa-2809 Debian Security Information: DSA-2810 (Google Search) http://www.debian.org/security/2013/dsa-2810 http://osvdb.org/100113 RedHat Security Advisories: RHSA-2013:1763 http://rhn.redhat.com/errata/RHSA-2013-1763.html RedHat Security Advisories: RHSA-2013:1764 http://rhn.redhat.com/errata/RHSA-2013-1764.html RedHat Security Advisories: RHSA-2013:1767 http://rhn.redhat.com/errata/RHSA-2013-1767.html RedHat Security Advisories: RHSA-2014:0011 http://rhn.redhat.com/errata/RHSA-2014-0011.html RedHat Security Advisories: RHSA-2014:0215 http://rhn.redhat.com/errata/RHSA-2014-0215.html http://secunia.com/advisories/55787 http://secunia.com/advisories/57376 SuSE Security Announcement: SUSE-SU-2013:1897 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00009.html SuSE Security Announcement: openSUSE-SU-2013:1834 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00027.html SuSE Security Announcement: openSUSE-SU-2013:1835 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00028.html http://www.ubuntu.com/usn/USN-2035-1
Copyright	Copyright (C) 2015 Greenbone AG