Ruby upstream has reported a security vulnerability present in the
Ruby REXML module. The REXML engine is vulnerable to the "XML entity explosion" attack. This issue could allow an attacker to cause a denial of service by
attempting to parse a XML file with recursively nested entities via the
Ruby XML files parsing engine (REXML).
Created attachment 314979 [details]
Upstream PoC -- XML file with recursively nested entities
Created attachment 315334 [details]
The Ruby core REXML module patch.
1, Monkey patch, to be applied on every application by the user
2, Standard patch, to be applied to the Ruby core (REXML module) implementation
ruby-22.214.171.1247-2.fc8 has been submitted as an update for Fedora 8.
ruby-126.96.36.1997-2.fc9 has been submitted as an update for Fedora 9.
ruby-188.8.131.527-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
ruby-184.108.40.2067-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in:
Red Hat Enterprise Linux: