|NASL family||Debian Local Security Checks|
|description||It was discovered that the uri package in the Ruby standard library
uses regular expressions that may result in excessive backtracking.
Ruby applications that parse untrusted URIs using this library were
susceptible to denial of service attacks by passing crafted URIs.
For the oldoldstable distribution (squeeze), this problem has been
fixed in version 22.214.171.124-2+deb6u6.
The oldstable distribution (wheezy) and stable distribution (jessie)
were not affected by this problem as it was fixed before release.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.|
|reporter||This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.|
|title||Debian DLA-275-1 : ruby1.9.1 security update|