ruby-1.8.5-31.AXS3
エラータID: AXSA:2013-560:03
Release date:
Friday, July 19, 2013 - 17:47
Subject:
ruby-1.8.5-31.AXS3
Affected Channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible.
Security issues fixed with this release:
• CVE-2013-4073
No information available at the time of writing, please refer to the CVE link below.
Solution:
Update packages.
CVEs:
CVE-2013-4073
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Additional Info:
N/A
Download:
SRPMS
- ruby-1.8.5-31.AXS3.src.rpm
MD5: e4021182990752616edf522ce8e14392
SHA-256: 505d1da4f9587bae19edfec7121f4cf131b3b542fb589505c7b055032ab37cdb
Size: 5.37 MB
Asianux Server 3 for x86
- ruby-1.8.5-31.AXS3.i386.rpm
MD5: eb1871b4c885061019303899c8fc40ff
SHA-256: 18e4485306d6d581a278d826f520f7cec8db59eb27e200379277d763ec6a3123
Size: 283.22 kB - ruby-devel-1.8.5-31.AXS3.i386.rpm
MD5: 8ffb931740af4c21cb50b6fd2330f6b6
SHA-256: 5cc9332c117e5d4cf1d89f2294fd96a9f564c16843e38672fb5fae13aea6b347
Size: 552.92 kB - ruby-docs-1.8.5-31.AXS3.i386.rpm
MD5: 35815b624157db2d398c5bd1f326ebdf
SHA-256: 8dbcb7b33bc62e9978aa3544d8007c61495781a7f8aa4d4bcb111bcb62fa350e
Size: 1.45 MB - ruby-irb-1.8.5-31.AXS3.i386.rpm
MD5: 804e0cfada66b906a521c7daf64c574a
SHA-256: fe2d51377e869f40cf86ba5b403d55594a82459b34dfe15ff15636ee0f647159
Size: 73.18 kB - ruby-libs-1.8.5-31.AXS3.i386.rpm
MD5: 4e85966c5c8e0b35606ab3112e5fb558
SHA-256: e3fa531acd16d0a35c550c4fbc1369ba6a14297b3a704f02c4daa44f76029c22
Size: 1.62 MB - ruby-mode-1.8.5-31.AXS3.i386.rpm
MD5: e2ce5eedb3fd58155cd47ff2488644ab
SHA-256: a5c0dd0790a12e5f7261271b4eee1de30c22fa178dcead7175adc176552473e3
Size: 57.75 kB - ruby-tcltk-1.8.5-31.AXS3.i386.rpm
MD5: ae3847989edc01ce83468d2cdce62a9b
SHA-256: ff3fdda021d3362e30119d65107e5e2c6933167ea10cfa710bd74ebdee7408dc
Size: 1.66 MB
Asianux Server 3 for x86_64
- ruby-1.8.5-31.AXS3.x86_64.rpm
MD5: 6f14d3adb5b3c53f619ed49019d67830
SHA-256: 6366997d12c7eba90f2f2a925a84ecd81d9f4f5627c20bb46e15d168b94e2314
Size: 283.22 kB - ruby-devel-1.8.5-31.AXS3.x86_64.rpm
MD5: c2ce53d5b886a0b100f90d8b063e6c4c
SHA-256: c6d118be58bb1321a0c5ca12581666f79b518c37cb27661aa614f892a15dc225
Size: 562.76 kB - ruby-docs-1.8.5-31.AXS3.x86_64.rpm
MD5: e5564b136e545c3095045081c3ca449c
SHA-256: 269a41dccd6a4cf5e7772ea0ce2b525d734e392874cb7a9865a755b9f30c6310
Size: 1.45 MB - ruby-irb-1.8.5-31.AXS3.x86_64.rpm
MD5: 7a493b90eece5c55ef94f010e7161a0b
SHA-256: 9ab9f1a806ce8b7a758a858b25e02d9e5b235eca57f1c3b1552e0410aa9b645d
Size: 73.09 kB - ruby-libs-1.8.5-31.AXS3.x86_64.rpm
MD5: a2c48415e3a124b5767ac4789f38979c
SHA-256: 28541c1fac4732db6659edc1c8b3b75b91e547e5de8e2a8623648410b9287ffd
Size: 1.64 MB - ruby-mode-1.8.5-31.AXS3.x86_64.rpm
MD5: 8444cc04c5d3888debac85755f058a85
SHA-256: d48ff3441bf576c217ad7a3a5c84843af83c47f0a4dbe25738cf92654ebe3787
Size: 57.71 kB - ruby-tcltk-1.8.5-31.AXS3.x86_64.rpm
MD5: 0c6d172182dd2bb7e6181b87b6cbe74a
SHA-256: 2cfd08666132931da815aa33ff77a85c6f7f368ea0633be199ac47eea6a74b68
Size: 1.67 MB