| Errata ID | 313 |
|---|---|
| Date | 2015-09-09 |
| Source package | ruby1.9.1 |
| Fixed in version | 1.9.3.194-8.1.10.201509021406 |
| Description | Multiple security vulnerabilities have been fixed in ruby1.9.1: * Denial of service in the encodes() function (CVE-2014-4975) * Denial of service through unrestricted XML entity expansion (CVE-2014-8080, CVE-2014-8090) * Man-in-the-middle attack via crafted SSL certificates (CVE-2015-1855) |
| Additional notes | |
| CVE ID | CVE-2014-4975 CVE-2014-8080 CVE-2014-8090 CVE-2015-1855 |
| UCS Bug number | #36993 |
