ruby-1.8.7.352-10.AXS4
エラータID: AXSA:2013-281:01
リリース日:
2013/03/29 Friday - 12:38
題名:
ruby-1.8.7.352-10.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- 現時点では CVE-2012-4481, CVE-2013-1821 の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2012-4481
The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005.
The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005.
CVE-2013-1821
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.
追加情報:
N/A
ダウンロード:
SRPMS
- ruby-1.8.7.352-10.AXS4.src.rpm
MD5: db147b3efe8da46cc9ca49c76327e912
SHA-256: f2af952ba625f7f67dfb9d77a5fa2b8dadc6ca161de893340ecc9202ca5e59be
Size: 8.29 MB
Asianux Server 4 for x86
- ruby-1.8.7.352-10.AXS4.i686.rpm
MD5: 59ba92e7d2999340747bde635e8be583
SHA-256: c9d78ed95af7fa9a26e4efee1037a5a4744d53d3e7d4c5320c13c840d883d722
Size: 532.66 kB - ruby-devel-1.8.7.352-10.AXS4.i686.rpm
MD5: 80520bcac29be5af93e30b30c644ffec
SHA-256: 2a82792de7f9fc5102a7c03d0b16b99427f58894a0f9e41df73ccb278bb3aa26
Size: 312.68 kB - ruby-irb-1.8.7.352-10.AXS4.i686.rpm
MD5: 24e613e086fe1464e455459b7ba7ea57
SHA-256: f3e4368be638bf840e463777da1bb8a32b00483715d3501e904ef5ac0280c9d2
Size: 311.83 kB - ruby-libs-1.8.7.352-10.AXS4.i686.rpm
MD5: 4dd436c308dfc8c4c4b13166ffae1203
SHA-256: e2a254135ad01329ce13bf5393d6497e010d18c85a2d75c5e947cf5e6a0611f7
Size: 1.64 MB - ruby-rdoc-1.8.7.352-10.AXS4.i686.rpm
MD5: 8c370811683555d25d810d99127f1a65
SHA-256: 3e5c35498ec00816f72baa5755c732e3a977e60d81c55e0b5624c69b73510713
Size: 375.15 kB
Asianux Server 4 for x86_64
- ruby-1.8.7.352-10.AXS4.x86_64.rpm
MD5: 1ebbbd57fcb9f37061f5ecd81ca7b26d
SHA-256: 0580b2ae6526d7f6e48937e437b4e513506d774897569ab64981a11d24095ca8
Size: 532.34 kB - ruby-devel-1.8.7.352-10.AXS4.x86_64.rpm
MD5: 47b43b271aeaa975cd79b26124561da0
SHA-256: 2b8ac1227df04c3d6150c5ef497b9628932223f2cebd383598b3a28078a230f5
Size: 312.21 kB - ruby-irb-1.8.7.352-10.AXS4.x86_64.rpm
MD5: 9fcb17b8318248b144afbb0510b123e4
SHA-256: ad9042d9a30e183a22e186dc50e49a90ee211a75ca3109ffb658e6e0bdd7b69a
Size: 311.38 kB - ruby-libs-1.8.7.352-10.AXS4.x86_64.rpm
MD5: 0037ea1507cea0fe7fc982fa5574a39c
SHA-256: 9b4724c1ac1df314a3ff9f03cc4e3a7cf6adda44ca24b74adb76425316da79b9
Size: 1.64 MB - ruby-rdoc-1.8.7.352-10.AXS4.x86_64.rpm
MD5: 4b73291edae7507032b7c296192cc0b3
SHA-256: 8be292fb9e9af96a510ce33b16f49f433a5d06c8d5cb07b66b2f50e2b2547516
Size: 374.72 kB - ruby-devel-1.8.7.352-10.AXS4.i686.rpm
MD5: 80520bcac29be5af93e30b30c644ffec
SHA-256: 2a82792de7f9fc5102a7c03d0b16b99427f58894a0f9e41df73ccb278bb3aa26
Size: 312.68 kB - ruby-libs-1.8.7.352-10.AXS4.i686.rpm
MD5: 4dd436c308dfc8c4c4b13166ffae1203
SHA-256: e2a254135ad01329ce13bf5393d6497e010d18c85a2d75c5e947cf5e6a0611f7
Size: 1.64 MB