This bug was fixed in the package ruby1.8 - 1.8.6.36-1ubuntu3.1
--------------- ruby1.8 (1.8.6.36-1ubuntu3.1) gutsy-security; urgency=low
* SECURITY UPDATE: SSL connections did not check commonName early enough, possibly allowing sensitive information to be exposed. * debian/patches/100_CVE-2007-5162.dpatch: upstream fixes, from http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13499 * debian/patches/101_CVE-2007-5770.dpatch: upstream fixes, from http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656 * References: CVE-2007-5162 CVE-2007-5770 (LP: #149616)
-- Stephan Hermann <email address hidden> Tue, 13 Nov 2007 19:42:37 +0100
This bug was fixed in the package ruby1.8 - 1.8.6.36-1ubuntu3.1
--------------- 36-1ubuntu3. 1) gutsy-security; urgency=low
ruby1.8 (1.8.6.
* SECURITY UPDATE: SSL connections did not check commonName early patches/ 100_CVE- 2007-5162. dpatch: upstream fixes, from svn.ruby- lang.org/ cgi-bin/ viewvc. cgi?view= rev&revision= 13499 patches/ 101_CVE- 2007-5770. dpatch: upstream fixes, from svn.ruby- lang.org/ cgi-bin/ viewvc. cgi?view= rev&revision= 13656
enough, possibly allowing sensitive information to be exposed.
* debian/
http://
* debian/
http://
* References:
CVE-2007-5162 CVE-2007-5770 (LP: #149616)
-- Stephan Hermann <email address hidden> Tue, 13 Nov 2007 19:42:37 +0100