SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionRuby Gem developers report :
The patch for CVE-2013-4363 was insufficiently verified so the combined regular expression for verifying gem version remains vulnerable following CVE-2013-4363.
RubyGems validates versions with a regular expression that is vulnerable to denial of service due to backtracking. For specially crafted RubyGems versions attackers can cause denial of service through CPU consumption.
SolutionUpdate the affected packages.