ruby-1.8.7.352-12.AXS4
エラータID: AXSA:2013-564:02
リリース日:
2013/07/19 Friday - 13:17
題名:
ruby-1.8.7.352-12.AXS4
影響のあるチャネル:
Asianux Server 4 for ppc
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- 現時点では CVE-2013-4073 の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2013-4073
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
追加情報:
N/A
ダウンロード:
SRPMS
- ruby-1.8.7.352-12.AXS4.src.rpm
MD5: d8251ae93cdd9ab02aecfe99dd3dfc16
SHA-256: 0dd9e57a0480ea211929a6376e6f83f94355ec548e810fc90438800754bf31c8
Size: 8.29 MB
Asianux Server 4 for x86
- ruby-1.8.7.352-12.AXS4.i686.rpm
MD5: 1c423c3bb3cc00aa7d36b64f35adcfa1
SHA-256: 9eeee05333a66c6d3b5ccb8b0392bba733570d80b40937be89a1e9e475c21bfc
Size: 533.33 kB - ruby-devel-1.8.7.352-12.AXS4.i686.rpm
MD5: fa737fb9ade3148740d73b81092c5f1f
SHA-256: 36400d494981f9ce8465e2e6757bc2d3aa97953a862ec9ef175cb29a5d5b3c38
Size: 313.39 kB - ruby-irb-1.8.7.352-12.AXS4.i686.rpm
MD5: 1195fb581a48dcd896c8bfc159f1d37a
SHA-256: 20eebed2cd40a232d5950dddbafdb07d1efd9d723c93e8699af5b949727cec3b
Size: 312.49 kB - ruby-libs-1.8.7.352-12.AXS4.i686.rpm
MD5: d9646ffb625445f6f32e93d1cefdcedb
SHA-256: a40a4529122e32b1d5461cde8b75f44b62e1a1f22d95f3e03dbdf72426293d5b
Size: 1.64 MB - ruby-rdoc-1.8.7.352-12.AXS4.i686.rpm
MD5: 713b80cab9a7fd7ddc7133e092a0dae7
SHA-256: 65fe7dc140e74fe2fc3bd8e26a362f25515cec853d849ef26cdd62b709fd8448
Size: 375.86 kB
Asianux Server 4 for x86_64
- ruby-1.8.7.352-12.AXS4.x86_64.rpm
MD5: b3ec36a892506d1fdb954a3e04564010
SHA-256: f99c4e84770fc186aaea462f68136175f992b01a21cc7f93a3d80ee49685dd02
Size: 533.01 kB - ruby-devel-1.8.7.352-12.AXS4.x86_64.rpm
MD5: a6d7b2f9a940cfca5cfb6936027756b0
SHA-256: 41166bf0d1dae02669191c6feff281b490ad8d9be965dd6901861d22bd4ece4c
Size: 312.91 kB - ruby-irb-1.8.7.352-12.AXS4.x86_64.rpm
MD5: 60bbf8947428c43c87d70658013ce65d
SHA-256: 70fbdeaa8050687572fbd955695e0ceb5ce585bef9f89fb9e605d702ce5f7711
Size: 312.07 kB - ruby-libs-1.8.7.352-12.AXS4.x86_64.rpm
MD5: f27c7ca62ac630adb5f9c614a2f5cd61
SHA-256: 7693bda86ba5f9a3cd842a1bb7d6885f1e0e3f3bce2c5ebf54f4bd4839a0c520
Size: 1.64 MB - ruby-rdoc-1.8.7.352-12.AXS4.x86_64.rpm
MD5: 924a484dea757adee1b32969394b937d
SHA-256: ac41acd14bd4f5c1989c5bf549f370b046a937a76bd8be2804d1cc069e8f9db4
Size: 375.40 kB - ruby-devel-1.8.7.352-12.AXS4.i686.rpm
MD5: fa737fb9ade3148740d73b81092c5f1f
SHA-256: 36400d494981f9ce8465e2e6757bc2d3aa97953a862ec9ef175cb29a5d5b3c38
Size: 313.39 kB - ruby-libs-1.8.7.352-12.AXS4.i686.rpm
MD5: d9646ffb625445f6f32e93d1cefdcedb
SHA-256: a40a4529122e32b1d5461cde8b75f44b62e1a1f22d95f3e03dbdf72426293d5b
Size: 1.64 MB