This bug was fixed in the package ruby1.8 - 1.8.5-4ubuntu2.1
--------------- ruby1.8 (1.8.5-4ubuntu2.1) feisty-security; urgency=low
* SECURITY UPDATE: SSL connections did not check commonName early enough, possibly allowing sensitive information to be exposed. * debian/patches/950_CVE-2007-5162.patch: upstream fixes, from http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13499 * debian/patches/951_CVE-2007-5770.patch: upstream fixes, from http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656 * References: CVE-2007-5162 CVE-2007-5770 (LP: #149616)
-- Stephan Hermann <email address hidden> Tue, 13 Nov 2007 19:42:37 +0100
This bug was fixed in the package ruby1.8 - 1.8.5-4ubuntu2.1
---------------
ruby1.8 (1.8.5-4ubuntu2.1) feisty-security; urgency=low
* SECURITY UPDATE: SSL connections did not check commonName early patches/ 950_CVE- 2007-5162. patch: upstream fixes, from svn.ruby- lang.org/ cgi-bin/ viewvc. cgi?view= rev&revision= 13499 patches/ 951_CVE- 2007-5770. patch: upstream fixes, from svn.ruby- lang.org/ cgi-bin/ viewvc. cgi?view= rev&revision= 13656
enough, possibly allowing sensitive information to be exposed.
* debian/
http://
* debian/
http://
* References:
CVE-2007-5162 CVE-2007-5770 (LP: #149616)
-- Stephan Hermann <email address hidden> Tue, 13 Nov 2007 19:42:37 +0100