Packages
Details
William (B.J.) Snow Orvis discovered that Ruby incorrectly verified the
hostname in SSL certificates. An attacker could trick Ruby into trusting a
rogue server certificate, which was signed by a trusted certificate
authority, to perform a machine-in-the-middle attack.
William (B.J.) Snow Orvis discovered that Ruby incorrectly verified the
hostname in SSL certificates. An attacker could trick Ruby into trusting a
rogue server certificate, which was signed by a trusted certificate
authority, to perform a machine-in-the-middle attack.
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Ubuntu Release | Package Version | ||
---|---|---|---|
13.04 raring | libruby1.8 – 1.8.7.358-7ubuntu1.1 | ||
libruby1.9.1 – 1.9.3.194-8.1ubuntu1.1 | |||
ruby1.8 – 1.8.7.358-7ubuntu1.1 | |||
ruby1.9.1 – 1.9.3.194-8.1ubuntu1.1 | |||
12.10 quantal | libruby1.8 – 1.8.7.358-4ubuntu0.3 | ||
libruby1.9.1 – 1.9.3.194-1ubuntu1.5 | |||
ruby1.8 – 1.8.7.358-4ubuntu0.3 | |||
ruby1.9.1 – 1.9.3.194-1ubuntu1.5 | |||
12.04 precise | libruby1.8 – 1.8.7.352-2ubuntu1.3 | ||
libruby1.9.1 – 1.9.3.0-1ubuntu2.7 | |||
ruby1.8 – 1.8.7.352-2ubuntu1.3 | |||
ruby1.9.1 – 1.9.3.0-1ubuntu2.7 |
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.