This bug was fixed in the package ruby1.8 - 1.8.6.36-1ubuntu3.1
---------------
ruby1.8 (1.8.6.36-1ubuntu3.1) gutsy-security; urgency=low
* SECURITY UPDATE: SSL connections did not check commonName early
enough, possibly allowing sensitive information to be exposed.
* debian/patches/100_CVE-2007-5162.dpatch: upstream fixes, from
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13499
* debian/patches/101_CVE-2007-5770.dpatch: upstream fixes, from
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656
* References:
CVE-2007-5162 CVE-2007-5770 (LP: #149616)
-- Stephan Hermann <[EMAIL PROTECTED]> Tue, 13 Nov 2007 19:42:37 +0100
** Changed in: ruby1.8 (Ubuntu Gutsy)
Status: In Progress => Fix Released
** Changed in: ruby1.8 (Ubuntu Feisty)
Status: In Progress => Fix Released
--
Net::HTTPS Vulnerability
https://bugs.launchpad.net/bugs/149616
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
