Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:12.2:Update
patchinfo.1497
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.1497
<patchinfo> <issue id="808137" tracker="bnc">VUL-1: CVE-2013-1821: ruby: entity expansion DoS vulnerability in REXML</issue> <issue id="803342" tracker="bnc">VUL-0: CVE-2013-0269: ruby19/rubygem-json: Denial of Service and Unsafe Object Creation Vulnerability in JSON</issue> <issue id="CVE-2013-0269" tracker="cve" /> <issue id="CVE-2013-1821" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>darix</packager> <description> Ruby 1.8 was updated to fix a XML entity expansion denial of service attack (CVE-2013-1821) Ruby 1.9 was updated to 1.9.3 p392, fixing the same security issues and also: - update json intree to 1.5.5: Denial of Service and Unsafe Object Creation Vulnerability in JSON CVE-2013-0269 - limit entity expansion text limit to 10kB CVE-2013-1821 - get rid of a SEGV when calling rb_iter_break() from some extention libraries. - some warning suppressed and smaller fixes </description> <summary>ruby: update to fix XML and JSON security problems</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
