Moderate: ruby (SL5, SL6)

By Scientific Linux Team on July 17, 2013

Synopsis: Moderate: ruby security update
Advisory ID: SLSA-2013:1090-1
Issue Date: 2013-07-17
CVE Numbers: CVE-2013-4073

A flaw was found in Ruby’s SSL client’s hostname identity check when
handling certificates that contain hostnames with NULL bytes. An attacker
could potentially exploit this flaw to conduct man-in-the-middle attacks
to spoof SSL servers. Note that to exploit this issue, an attacker would
need to obtain a carefully-crafted certificate signed by an authority that
the client trusts. (CVE-2013-4073)

SL5
x86_64
ruby-1.8.5-31.el5_9.x86_64.rpm
ruby-rdoc-1.8.5-31.el5_9.x86_64.rpm
ruby-devel-1.8.5-31.el5_9.x86_64.rpm
ruby-ri-1.8.5-31.el5_9.x86_64.rpm
ruby-tcltk-1.8.5-31.el5_9.x86_64.rpm
ruby-docs-1.8.5-31.el5_9.x86_64.rpm
ruby-irb-1.8.5-31.el5_9.x86_64.rpm
ruby-devel-1.8.5-31.el5_9.i386.rpm
ruby-libs-1.8.5-31.el5_9.x86_64.rpm
ruby-mode-1.8.5-31.el5_9.x86_64.rpm
ruby-libs-1.8.5-31.el5_9.i386.rpm
ruby-debuginfo-1.8.5-31.el5_9.i386.rpm
ruby-debuginfo-1.8.5-31.el5_9.x86_64.rpm
i386
ruby-mode-1.8.5-31.el5_9.i386.rpm
ruby-libs-1.8.5-31.el5_9.i386.rpm
ruby-tcltk-1.8.5-31.el5_9.i386.rpm
ruby-irb-1.8.5-31.el5_9.i386.rpm
ruby-docs-1.8.5-31.el5_9.i386.rpm
ruby-devel-1.8.5-31.el5_9.i386.rpm
ruby-ri-1.8.5-31.el5_9.i386.rpm
ruby-rdoc-1.8.5-31.el5_9.i386.rpm
ruby-1.8.5-31.el5_9.i386.rpm
ruby-debuginfo-1.8.5-31.el5_9.i386.rpm
srpm
ruby-1.8.5-31.el5_9.src.rpm
noarch
ruby-debuginfo-1.8.5-31.el5_9.i386.rpm
ruby-debuginfo-1.8.5-31.el5_9.x86_64.rpm
SL6
x86_64
ruby-devel-1.8.7.352-12.el6_4.i686.rpm
ruby-libs-1.8.7.352-12.el6_4.x86_64.rpm
ruby-devel-1.8.7.352-12.el6_4.x86_64.rpm
ruby-rdoc-1.8.7.352-12.el6_4.x86_64.rpm
ruby-libs-1.8.7.352-12.el6_4.i686.rpm
ruby-ri-1.8.7.352-12.el6_4.x86_64.rpm
ruby-1.8.7.352-12.el6_4.x86_64.rpm
ruby-irb-1.8.7.352-12.el6_4.x86_64.rpm
ruby-tcltk-1.8.7.352-12.el6_4.x86_64.rpm
ruby-docs-1.8.7.352-12.el6_4.x86_64.rpm
ruby-static-1.8.7.352-12.el6_4.x86_64.rpm
ruby-debuginfo-1.8.7.352-12.el6_4.i686.rpm
ruby-debuginfo-1.8.7.352-12.el6_4.x86_64.rpm
srpm
ruby-1.8.7.352-12.el6_4.src.rpm
i386
ruby-docs-1.8.7.352-12.el6_4.i686.rpm
ruby-devel-1.8.7.352-12.el6_4.i686.rpm
ruby-libs-1.8.7.352-12.el6_4.i686.rpm
ruby-rdoc-1.8.7.352-12.el6_4.i686.rpm
ruby-ri-1.8.7.352-12.el6_4.i686.rpm
ruby-1.8.7.352-12.el6_4.i686.rpm
ruby-tcltk-1.8.7.352-12.el6_4.i686.rpm
ruby-static-1.8.7.352-12.el6_4.i686.rpm
ruby-irb-1.8.7.352-12.el6_4.i686.rpm
ruby-debuginfo-1.8.7.352-12.el6_4.i686.rpm
noarch
ruby-debuginfo-1.8.7.352-12.el6_4.i686.rpm
ruby-debuginfo-1.8.7.352-12.el6_4.x86_64.rpm

– Scientific Linux Development Team