[RHSA-2013:1090] ruby security update
Severity
Moderate
Affected Packages
40
CVEs
1
Ruby is an extensible, interpreted, object-oriented, scripting language.
It has features to process text files and to do system management tasks.
A flaw was found in Ruby's SSL client's hostname identity check when
handling certificates that contain hostnames with NULL bytes. An attacker
could potentially exploit this flaw to conduct man-in-the-middle attacks to
spoof SSL servers. Note that to exploit this issue, an attacker would need
to obtain a carefully-crafted certificate signed by an authority that the
client trusts. (CVE-2013-4073)
All users of Ruby are advised to upgrade to these updated packages, which
contain backported patches to resolve this issue.
- ID
- RHSA-2013:1090
- Severity
- moderate
- URL
- https://access.redhat.com/errata/RHSA-2013:1090
- Published
-
2013-07-17T00:00:00
(11 years ago) - Modified
-
2013-07-17T00:00:00
(11 years ago) - Rights
- Copyright 2013 Red Hat, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 979251 | https://bugzilla.redhat.com/979251 | |
RHSA | RHSA-2013:1090 | https://access.redhat.com/errata/RHSA-2013:1090 | |
CVE | CVE-2013-4073 | https://access.redhat.com/security/cve/CVE-2013-4073 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/ruby?arch=x86_64&distro=redhat-6.4 | redhat | ruby | < 1.8.7.352-12.el6_4 | redhat-6.4 | x86_64 | |
Affected | pkg:rpm/redhat/ruby?arch=s390x&distro=redhat-6.4 | redhat | ruby | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390x | |
Affected | pkg:rpm/redhat/ruby?arch=ppc64&distro=redhat-6.4 | redhat | ruby | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc64 | |
Affected | pkg:rpm/redhat/ruby?arch=i686&distro=redhat-6.4 | redhat | ruby | < 1.8.7.352-12.el6_4 | redhat-6.4 | i686 | |
Affected | pkg:rpm/redhat/ruby-tcltk?arch=x86_64&distro=redhat-6.4 | redhat | ruby-tcltk | < 1.8.7.352-12.el6_4 | redhat-6.4 | x86_64 | |
Affected | pkg:rpm/redhat/ruby-tcltk?arch=s390x&distro=redhat-6.4 | redhat | ruby-tcltk | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390x | |
Affected | pkg:rpm/redhat/ruby-tcltk?arch=ppc64&distro=redhat-6.4 | redhat | ruby-tcltk | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc64 | |
Affected | pkg:rpm/redhat/ruby-tcltk?arch=i686&distro=redhat-6.4 | redhat | ruby-tcltk | < 1.8.7.352-12.el6_4 | redhat-6.4 | i686 | |
Affected | pkg:rpm/redhat/ruby-static?arch=x86_64&distro=redhat-6.4 | redhat | ruby-static | < 1.8.7.352-12.el6_4 | redhat-6.4 | x86_64 | |
Affected | pkg:rpm/redhat/ruby-static?arch=s390x&distro=redhat-6.4 | redhat | ruby-static | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390x | |
Affected | pkg:rpm/redhat/ruby-static?arch=ppc64&distro=redhat-6.4 | redhat | ruby-static | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc64 | |
Affected | pkg:rpm/redhat/ruby-static?arch=i686&distro=redhat-6.4 | redhat | ruby-static | < 1.8.7.352-12.el6_4 | redhat-6.4 | i686 | |
Affected | pkg:rpm/redhat/ruby-ri?arch=x86_64&distro=redhat-6.4 | redhat | ruby-ri | < 1.8.7.352-12.el6_4 | redhat-6.4 | x86_64 | |
Affected | pkg:rpm/redhat/ruby-ri?arch=s390x&distro=redhat-6.4 | redhat | ruby-ri | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390x | |
Affected | pkg:rpm/redhat/ruby-ri?arch=ppc64&distro=redhat-6.4 | redhat | ruby-ri | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc64 | |
Affected | pkg:rpm/redhat/ruby-ri?arch=i686&distro=redhat-6.4 | redhat | ruby-ri | < 1.8.7.352-12.el6_4 | redhat-6.4 | i686 | |
Affected | pkg:rpm/redhat/ruby-rdoc?arch=x86_64&distro=redhat-6.4 | redhat | ruby-rdoc | < 1.8.7.352-12.el6_4 | redhat-6.4 | x86_64 | |
Affected | pkg:rpm/redhat/ruby-rdoc?arch=s390x&distro=redhat-6.4 | redhat | ruby-rdoc | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390x | |
Affected | pkg:rpm/redhat/ruby-rdoc?arch=ppc64&distro=redhat-6.4 | redhat | ruby-rdoc | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc64 | |
Affected | pkg:rpm/redhat/ruby-rdoc?arch=i686&distro=redhat-6.4 | redhat | ruby-rdoc | < 1.8.7.352-12.el6_4 | redhat-6.4 | i686 | |
Affected | pkg:rpm/redhat/ruby-libs?arch=x86_64&distro=redhat-6.4 | redhat | ruby-libs | < 1.8.7.352-12.el6_4 | redhat-6.4 | x86_64 | |
Affected | pkg:rpm/redhat/ruby-libs?arch=s390x&distro=redhat-6.4 | redhat | ruby-libs | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390x | |
Affected | pkg:rpm/redhat/ruby-libs?arch=s390&distro=redhat-6.4 | redhat | ruby-libs | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390 | |
Affected | pkg:rpm/redhat/ruby-libs?arch=ppc64&distro=redhat-6.4 | redhat | ruby-libs | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc64 | |
Affected | pkg:rpm/redhat/ruby-libs?arch=ppc&distro=redhat-6.4 | redhat | ruby-libs | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc | |
Affected | pkg:rpm/redhat/ruby-libs?arch=i686&distro=redhat-6.4 | redhat | ruby-libs | < 1.8.7.352-12.el6_4 | redhat-6.4 | i686 | |
Affected | pkg:rpm/redhat/ruby-irb?arch=x86_64&distro=redhat-6.4 | redhat | ruby-irb | < 1.8.7.352-12.el6_4 | redhat-6.4 | x86_64 | |
Affected | pkg:rpm/redhat/ruby-irb?arch=s390x&distro=redhat-6.4 | redhat | ruby-irb | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390x | |
Affected | pkg:rpm/redhat/ruby-irb?arch=ppc64&distro=redhat-6.4 | redhat | ruby-irb | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc64 | |
Affected | pkg:rpm/redhat/ruby-irb?arch=i686&distro=redhat-6.4 | redhat | ruby-irb | < 1.8.7.352-12.el6_4 | redhat-6.4 | i686 | |
Affected | pkg:rpm/redhat/ruby-docs?arch=x86_64&distro=redhat-6.4 | redhat | ruby-docs | < 1.8.7.352-12.el6_4 | redhat-6.4 | x86_64 | |
Affected | pkg:rpm/redhat/ruby-docs?arch=s390x&distro=redhat-6.4 | redhat | ruby-docs | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390x | |
Affected | pkg:rpm/redhat/ruby-docs?arch=ppc64&distro=redhat-6.4 | redhat | ruby-docs | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc64 | |
Affected | pkg:rpm/redhat/ruby-docs?arch=i686&distro=redhat-6.4 | redhat | ruby-docs | < 1.8.7.352-12.el6_4 | redhat-6.4 | i686 | |
Affected | pkg:rpm/redhat/ruby-devel?arch=x86_64&distro=redhat-6.4 | redhat | ruby-devel | < 1.8.7.352-12.el6_4 | redhat-6.4 | x86_64 | |
Affected | pkg:rpm/redhat/ruby-devel?arch=s390x&distro=redhat-6.4 | redhat | ruby-devel | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390x | |
Affected | pkg:rpm/redhat/ruby-devel?arch=s390&distro=redhat-6.4 | redhat | ruby-devel | < 1.8.7.352-12.el6_4 | redhat-6.4 | s390 | |
Affected | pkg:rpm/redhat/ruby-devel?arch=ppc64&distro=redhat-6.4 | redhat | ruby-devel | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc64 | |
Affected | pkg:rpm/redhat/ruby-devel?arch=ppc&distro=redhat-6.4 | redhat | ruby-devel | < 1.8.7.352-12.el6_4 | redhat-6.4 | ppc | |
Affected | pkg:rpm/redhat/ruby-devel?arch=i686&distro=redhat-6.4 | redhat | ruby-devel | < 1.8.7.352-12.el6_4 | redhat-6.4 | i686 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |