Описание
ELSA-2013-1441: rubygems security update (MODERATE)
[1.3.7-4]
- Remove regexp backtracing (CVE-2013-4363).
- Related: rhbz#1002838.
[1.3.7-3]
- Fix insecure connection to SSL repository (CVE-2012-2125, CVE-2012-2126).
- Related: rhbz#1002838.
[1.3.7-2]
- Fix algorithmic complexity vulnerability (CVE-2013-4287).
- Resolves: rhbz#1002838.
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
rubygems
1.3.7-4.el6_4
Oracle Linux i686
rubygems
1.3.7-4.el6_4
Связанные CVE
Связанные уязвимости
ubuntu
больше 11 лет назад
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
redhat
около 13 лет назад
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
nvd
больше 11 лет назад
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
debian
больше 11 лет назад
RubyGems before 1.8.23 does not verify an SSL certificate, which allow ...
