Login
Newsletter
Werbung

Sicherheit: Denial of Service in rubygem-ox
Aktuelle Meldungen Distributionen
Name: Denial of Service in rubygem-ox
ID: FEDORA-2017-4cb9489ce3
Distribution: Fedora
Plattformen: Fedora 27
Datum: Mi, 15. November 2017, 22:20
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15928
Applikationen: rubygem-ox

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2017-4cb9489ce3
2017-11-15 15:47:48.464495
-------------------------------------------------------------------------------
-

Name : rubygem-ox
Product : Fedora 27
Version : 2.8.2
Release : 1.fc27
URL : http://www.ohler.com/ox
Summary : Fast XML parser and object serializer
Description :
A fast XML parser and object serializer that uses only standard C lib.
Optimized XML (Ox), as the name implies was written to provide speed optimized
XML handling. It was designed to be an alternative to Nokogiri and other Ruby
XML parsers for generic XML parsing and as an alternative to Marshal for
Object serialization.

-------------------------------------------------------------------------------
-
Update Information:

Update to 2.8.2 - new features and fixes, security fix for CVE-2017-15928
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1509206 - CVE-2017-15928 rubygem-ox: Segmentation fault in the
parse_obj
https://bugzilla.redhat.com/show_bug.cgi?id=1509206
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade rubygem-ox' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung