Ubuntu
ruby1.9 package

  1. Gutsy (7.10)
  2. Bug #149616
  3. Comment #3

Comment 3 for bug 149616

Revision history for this message
Stephan RĂ¼gamer (sruegamer) wrote :

Just for your information:

The patches against 1.8.5 for CVE-2007-5162 you can find here: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13502
The patches against 1.8.6 for CVE-2007-5162 you can find here:
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13504

For CVE-2007-5770 you can find here:
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656

smtp.rb and pop.rb are not affected in our releases, because until then they didn't have any SSL operations enabled. That was changed later.

Regards,

\sh