Comment 8 for bug 149616

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ruby1.8 - 1.8.6.36-1ubuntu3.1

---------------
ruby1.8 (1.8.6.36-1ubuntu3.1) gutsy-security; urgency=low

  * SECURITY UPDATE: SSL connections did not check commonName early
    enough, possibly allowing sensitive information to be exposed.
  * debian/patches/100_CVE-2007-5162.dpatch: upstream fixes, from
    http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13499
  * debian/patches/101_CVE-2007-5770.dpatch: upstream fixes, from
    http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656
  * References:
    CVE-2007-5162 CVE-2007-5770 (LP: #149616)

 -- Stephan Hermann <email address hidden> Tue, 13 Nov 2007 19:42:37 +0100