Errata overview
Errata ID 4
Date 2013-12-09
Source package ruby1.8
Fixed in version
Multiple security issues have been fixed in Ruby:
* The expansion of XML entities isn't limited, allowing DoS (CVE-2013-1821)
* Incorrect validation of SSL certificates with NULL bytes in the hostname (CVE-2013-4073)
* Buffer overflow in the floating point parsing code for strtod() (CVE-2013-4164)
Additional notes This update fixes these vulnerabilities.
CVE ID CVE-2013-1821