Synopsis: Moderate: ruby security update Advisory ID: SLSA-2013:1090-1 Issue Date: 2013-07-17 CVE Numbers: CVE-2013-4073 -- A flaw was found in Ruby's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to obtain a carefully-crafted certificate signed by an authority that the client trusts. (CVE-2013-4073) -- SL5 x86_64 ruby-1.8.5-31.el5_9.x86_64.rpm ruby-rdoc-1.8.5-31.el5_9.x86_64.rpm ruby-devel-1.8.5-31.el5_9.x86_64.rpm ruby-ri-1.8.5-31.el5_9.x86_64.rpm ruby-tcltk-1.8.5-31.el5_9.x86_64.rpm ruby-docs-1.8.5-31.el5_9.x86_64.rpm ruby-irb-1.8.5-31.el5_9.x86_64.rpm ruby-devel-1.8.5-31.el5_9.i386.rpm ruby-libs-1.8.5-31.el5_9.x86_64.rpm ruby-mode-1.8.5-31.el5_9.x86_64.rpm ruby-libs-1.8.5-31.el5_9.i386.rpm ruby-debuginfo-1.8.5-31.el5_9.i386.rpm ruby-debuginfo-1.8.5-31.el5_9.x86_64.rpm i386 ruby-mode-1.8.5-31.el5_9.i386.rpm ruby-libs-1.8.5-31.el5_9.i386.rpm ruby-tcltk-1.8.5-31.el5_9.i386.rpm ruby-irb-1.8.5-31.el5_9.i386.rpm ruby-docs-1.8.5-31.el5_9.i386.rpm ruby-devel-1.8.5-31.el5_9.i386.rpm ruby-ri-1.8.5-31.el5_9.i386.rpm ruby-rdoc-1.8.5-31.el5_9.i386.rpm ruby-1.8.5-31.el5_9.i386.rpm ruby-debuginfo-1.8.5-31.el5_9.i386.rpm srpm ruby-1.8.5-31.el5_9.src.rpm noarch ruby-debuginfo-1.8.5-31.el5_9.i386.rpm ruby-debuginfo-1.8.5-31.el5_9.x86_64.rpm SL6 x86_64 ruby-devel-1.8.7.352-12.el6_4.i686.rpm ruby-libs-1.8.7.352-12.el6_4.x86_64.rpm ruby-devel-1.8.7.352-12.el6_4.x86_64.rpm ruby-rdoc-1.8.7.352-12.el6_4.x86_64.rpm ruby-libs-1.8.7.352-12.el6_4.i686.rpm ruby-ri-1.8.7.352-12.el6_4.x86_64.rpm ruby-1.8.7.352-12.el6_4.x86_64.rpm ruby-irb-1.8.7.352-12.el6_4.x86_64.rpm ruby-tcltk-1.8.7.352-12.el6_4.x86_64.rpm ruby-docs-1.8.7.352-12.el6_4.x86_64.rpm ruby-static-1.8.7.352-12.el6_4.x86_64.rpm ruby-debuginfo-1.8.7.352-12.el6_4.i686.rpm ruby-debuginfo-1.8.7.352-12.el6_4.x86_64.rpm srpm ruby-1.8.7.352-12.el6_4.src.rpm i386 ruby-docs-1.8.7.352-12.el6_4.i686.rpm ruby-devel-1.8.7.352-12.el6_4.i686.rpm ruby-libs-1.8.7.352-12.el6_4.i686.rpm ruby-rdoc-1.8.7.352-12.el6_4.i686.rpm ruby-ri-1.8.7.352-12.el6_4.i686.rpm ruby-1.8.7.352-12.el6_4.i686.rpm ruby-tcltk-1.8.7.352-12.el6_4.i686.rpm ruby-static-1.8.7.352-12.el6_4.i686.rpm ruby-irb-1.8.7.352-12.el6_4.i686.rpm ruby-debuginfo-1.8.7.352-12.el6_4.i686.rpm noarch ruby-debuginfo-1.8.7.352-12.el6_4.i686.rpm ruby-debuginfo-1.8.7.352-12.el6_4.x86_64.rpm - Scientific Linux Development Team