ruby-1.8.7.352-12.AXS4
エラータID: AXSA:2013-564:02
Release date:
Friday, July 19, 2013 - 13:17
Subject:
ruby-1.8.7.352-12.AXS4
Affected Channels:
Asianux Server 4 for ppc
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible.
Security issues fixed with this release:
• CVE-2013-4073
No information available at the time of writing, please refer to the CVE link below.
Solution:
Update packages.
CVEs:
CVE-2013-4073
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Additional Info:
N/A
Download:
SRPMS
- ruby-1.8.7.352-12.AXS4.src.rpm
MD5: d8251ae93cdd9ab02aecfe99dd3dfc16
SHA-256: 0dd9e57a0480ea211929a6376e6f83f94355ec548e810fc90438800754bf31c8
Size: 8.29 MB
Asianux Server 4 for x86
- ruby-1.8.7.352-12.AXS4.i686.rpm
MD5: 1c423c3bb3cc00aa7d36b64f35adcfa1
SHA-256: 9eeee05333a66c6d3b5ccb8b0392bba733570d80b40937be89a1e9e475c21bfc
Size: 533.33 kB - ruby-devel-1.8.7.352-12.AXS4.i686.rpm
MD5: fa737fb9ade3148740d73b81092c5f1f
SHA-256: 36400d494981f9ce8465e2e6757bc2d3aa97953a862ec9ef175cb29a5d5b3c38
Size: 313.39 kB - ruby-irb-1.8.7.352-12.AXS4.i686.rpm
MD5: 1195fb581a48dcd896c8bfc159f1d37a
SHA-256: 20eebed2cd40a232d5950dddbafdb07d1efd9d723c93e8699af5b949727cec3b
Size: 312.49 kB - ruby-libs-1.8.7.352-12.AXS4.i686.rpm
MD5: d9646ffb625445f6f32e93d1cefdcedb
SHA-256: a40a4529122e32b1d5461cde8b75f44b62e1a1f22d95f3e03dbdf72426293d5b
Size: 1.64 MB - ruby-rdoc-1.8.7.352-12.AXS4.i686.rpm
MD5: 713b80cab9a7fd7ddc7133e092a0dae7
SHA-256: 65fe7dc140e74fe2fc3bd8e26a362f25515cec853d849ef26cdd62b709fd8448
Size: 375.86 kB
Asianux Server 4 for x86_64
- ruby-1.8.7.352-12.AXS4.x86_64.rpm
MD5: b3ec36a892506d1fdb954a3e04564010
SHA-256: f99c4e84770fc186aaea462f68136175f992b01a21cc7f93a3d80ee49685dd02
Size: 533.01 kB - ruby-devel-1.8.7.352-12.AXS4.x86_64.rpm
MD5: a6d7b2f9a940cfca5cfb6936027756b0
SHA-256: 41166bf0d1dae02669191c6feff281b490ad8d9be965dd6901861d22bd4ece4c
Size: 312.91 kB - ruby-irb-1.8.7.352-12.AXS4.x86_64.rpm
MD5: 60bbf8947428c43c87d70658013ce65d
SHA-256: 70fbdeaa8050687572fbd955695e0ceb5ce585bef9f89fb9e605d702ce5f7711
Size: 312.07 kB - ruby-libs-1.8.7.352-12.AXS4.x86_64.rpm
MD5: f27c7ca62ac630adb5f9c614a2f5cd61
SHA-256: 7693bda86ba5f9a3cd842a1bb7d6885f1e0e3f3bce2c5ebf54f4bd4839a0c520
Size: 1.64 MB - ruby-rdoc-1.8.7.352-12.AXS4.x86_64.rpm
MD5: 924a484dea757adee1b32969394b937d
SHA-256: ac41acd14bd4f5c1989c5bf549f370b046a937a76bd8be2804d1cc069e8f9db4
Size: 375.40 kB - ruby-devel-1.8.7.352-12.AXS4.i686.rpm
MD5: fa737fb9ade3148740d73b81092c5f1f
SHA-256: 36400d494981f9ce8465e2e6757bc2d3aa97953a862ec9ef175cb29a5d5b3c38
Size: 313.39 kB - ruby-libs-1.8.7.352-12.AXS4.i686.rpm
MD5: d9646ffb625445f6f32e93d1cefdcedb
SHA-256: a40a4529122e32b1d5461cde8b75f44b62e1a1f22d95f3e03dbdf72426293d5b
Size: 1.64 MB