[FEDORA-2013-12062] Fedora 17: ruby
Severity
Medium
Affected Packages
1
CVEs
6
A vulnerability was found in Ruby's SSL client that could allow man-in-the-middle attackers to spoof SSL servers via valid certificate issued by a trusted certification authority.
This vulnerability has been assigned the CVE identifier CVE-2013-4073.
This new update should solve this issue.
Package | Affected Version |
---|---|
pkg:rpm/fedora/ruby?distro=fedora-17 | < 1.9.3.448.31.fc17 |
- ID
- FEDORA-2013-12062
- Severity
- medium
- Severity from
- CVE-2013-4073
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2013-12062
- Published
-
2013-07-11T02:33:19
(11 years ago) - Modified
-
2013-07-11T02:33:19
(11 years ago) - Rights
- Copyright 2013 Red Hat, Inc.
- Other Advisories
-
- ALAS-2012-139
- ALAS-2013-229
- DSA-2738-1
- DSA-2809-1
- ELSA-2013-0129
- ELSA-2013-1090
- FEDORA-2012-15376
- FEDORA-2012-15395
- FEDORA-2012-15507
- FEDORA-2012-16071
- FEDORA-2012-16086
- FEDORA-2012-17949
- FEDORA-2012-18017
- FEDORA-2013-12123
- FEDORA-2013-12663
- FEDORA-2013-22315
- FEDORA-2013-22423
- FEDORA-2013-3038
- FEDORA-2013-8375
- FEDORA-2013-8411
- FEDORA-2013-8738
- FREEBSD:2A093853-2495-11E2-B0C7-000D601460A4
- FREEBSD:3DECC87D-2498-11E2-B0C7-000D601460A4
- FREEBSD:5E647CA3-2AEA-11E2-B745-001FD0AF1A4C
- FREEBSD:79789DAA-8AF8-4E21-A47F-E8A645752BDB
- FREEBSD:EBD877B9-7EF4-4375-B1FD-C67780581898
- GLSA-201412-27
- RHSA-2013:1090
- SSA:2012-341-04
- SSA:2013-136-02
- SSA:2013-178-01
- USN-1602-1
- USN-1603-1
- USN-1603-2
- USN-1614-1
- USN-1733-1
- USN-1902-1
- USN-2035-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 979295 | Bug #979295 - ruby: CVE-2013-4073 ruby: hostname check bypassing vulnerability in SSL client [fedora-all] | https://bugzilla.redhat.com/show_bug.cgi?id=979295 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/ruby?distro=fedora-17 | fedora | ruby | < 1.9.3.448.31.fc17 | fedora-17 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |