[ MDVSA-2015:224 ] ruby

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:224
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : ruby
 Date    : May 4, 2015
 Affected: Business Server 1.0, Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated ruby packages fix security vulnerability:
 
 Ruby OpenSSL hostname matching implementation violates RFC 6125
 (CVE-2015-1855).
 
 The ruby packages for MBS2 has been updated to version 2.0.0-p645,
 which fixes this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1855
 http://advisories.mageia.org/MGASA-2015-0178.html
 _______________________________________________________________________

 Updated Package

007 Software

[ MDVSA-2015:224 ] ruby

Leave a Reply Cancel reply

Software and Security Information