Ruby Update for SSL Vulnerability
An update has been released for the SSL vulnerability reported in Ruby. From the site: "All Ruby versions are affected". The Ruby update also contains a patch for a DOS vulnerability; check out the details here.
Keywords: Ruby on Rails
1 comment(s)
×
Diary Archives
Comments
Release Date: 2013-06-28
Where: From remote
Impact: Spoofing
Solution Status: Vendor Patch
CVE Reference: CVE-2013-4073
Solution: Update to version Ruby 1.8.7-p374, 1.9.3-p448, or 2.0.0-p247.
Original Advisory: Ruby:
http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
.
PC.Tech
Jun 28th 2013
1 decade ago