Scientific Linux Security Update : ruby on SL6.x i386/x86_64
Medium Nessus Plugin ID 79657
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionMultiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090)
All running instances of Ruby need to be restarted for this update to take effect.
SolutionUpdate the affected packages.