|
|
>> Fedora Security Update Fixes Ruby Net::HTTPS Security Bypass Issue
|
Title : Fedora Security Update Fixes Ruby Net::HTTPS Security Bypass Issue
VUPEN ID : VUPEN/ADV-2007-3655
CVE ID : CVE-2007-5162
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-10-30
|
A vulnerability has been identified in Fedora, which could be exploited to conduct spoofing attacks. This issue is caused by an error in Ruby. For additional information, see : VUPEN/ADV-2007-3340
Affected Products
Fedora 7
Solution
Upgrade the affected packages :
256bd0b2eaa05b808c3c11cf92124be3f3e08e1a ruby-1.8.6.111-1.fc7.ppc64.rpm
f31c52278982bb7b4d67a4762999d1e07d2e685d ruby-rdoc-1.8.6.111-1.fc7.ppc64.rpm
d3b9c6d11a3e205fed5a6f147d293a2b0857c0de ruby-debuginfo-1.8.6.111-1.fc7.ppc64.rpm
c8589ac68cc66df61f9af39d9ef45383090bbbd1 ruby-ri-1.8.6.111-1.fc7.ppc64.rpm
1a72b62806cc79bafc4c17fcfe977bcb415f482e ruby-tcltk-1.8.6.111-1.fc7.ppc64.rpm
9587703ea56a3263958272e97c68a5394ebbc625 ruby-irb-1.8.6.111-1.fc7.ppc64.rpm
a5ddf8708af4af3b2de24c5675717968c305e08a ruby-devel-1.8.6.111-1.fc7.ppc64.rpm
c8e4ad9e645a856af52d9698ca4e955a2686a54b ruby-docs-1.8.6.111-1.fc7.ppc64.rpm
634361ea5584a94bd844b97c84f0d61481ee154f ruby-libs-1.8.6.111-1.fc7.ppc64.rpm
cdbc08ed72ef2421b15af1169d7fe51944060fc0 ruby-debuginfo-1.8.6.111-1.fc7.i386.rpm
7050bdb5d6276369e413d4847458272ef545a0b2 ruby-rdoc-1.8.6.111-1.fc7.i386.rpm
f41d95544e07cd8d3ba073d29ff4e42ccea46c88 ruby-devel-1.8.6.111-1.fc7.i386.rpm
b52c780708c524e1226120f8e1bd51f83cc35c82 ruby-tcltk-1.8.6.111-1.fc7.i386.rpm
01e5a27a0d510a4333c4696e0aac2b2c90585c2a ruby-ri-1.8.6.111-1.fc7.i386.rpm
02626a0b18760e8c97ad277444cca4c2cb5f41d9 ruby-1.8.6.111-1.fc7.i386.rpm
cc3dbe9f841dbe6e0d359d2ab2b7cabe94f1b4e2 ruby-libs-1.8.6.111-1.fc7.i386.rpm
bafe165691e13313cec7eaf2e9f9c22a9690b698 ruby-docs-1.8.6.111-1.fc7.i386.rpm
3865799641ab8cfaa693cab37308d2a3bf0ad4a9 ruby-mode-1.8.6.111-1.fc7.i386.rpm
0c95364eb74d6b1f5f4b07ed6d66a0e2bb40fbee ruby-irb-1.8.6.111-1.fc7.i386.rpm
996e03ea4c3a1d7ef45c5483357c2fb7beb73c95 ruby-debuginfo-1.8.6.111-1.fc7.x86_64.rpm
90fe1934d38c83195134906833e8222addc191f2 ruby-rdoc-1.8.6.111-1.fc7.x86_64.rpm
1f2f1d68c8782d760a65de09b1f4a627718d5ec3 ruby-tcltk-1.8.6.111-1.fc7.x86_64.rpm
ba59f21192f32cc40cb4c2047be178734b152964 ruby-ri-1.8.6.111-1.fc7.x86_64.rpm
adca9b847bb47b5c45f23c3ff663d07017676309 ruby-devel-1.8.6.111-1.fc7.x86_64.rpm
78af4cec3fb987cd1152f5badff9ed9186556792 ruby-irb-1.8.6.111-1.fc7.x86_64.rpm
21230fa0aff49e4421e6661a150a14fa6994c317 ruby-docs-1.8.6.111-1.fc7.x86_64.rpm
7a647d719b28ee9a25f214681a65ed84905c45c6 ruby-libs-1.8.6.111-1.fc7.x86_64.rpm
8fbbb1f37f042da5215a0c16ea13a3a3a1ff2434 ruby-1.8.6.111-1.fc7.x86_64.rpm
5ef1f1afa63dfded00c25b15e01edcda6347dc42 ruby-mode-1.8.6.111-1.fc7.x86_64.rpm
a41467449b86e2f60c8d44c50e7c664f50fa3bf7 ruby-tcltk-1.8.6.111-1.fc7.ppc.rpm
16c7b99afe1247182537d587d587d5a8e5431020 ruby-debuginfo-1.8.6.111-1.fc7.ppc.rpm
e4b4a0d40b6137cd1e6bef7099ac652d4e727073 ruby-devel-1.8.6.111-1.fc7.ppc.rpm
8c7cdb1345e178181cbfea1796f0455a9d0e8d42 ruby-irb-1.8.6.111-1.fc7.ppc.rpm
d57f4f365a9e3708e0c59cd03dc694d873295da8 ruby-mode-1.8.6.111-1.fc7.ppc.rpm
886c7b82d356e9c14565c24eca1f2e3d72086057 ruby-libs-1.8.6.111-1.fc7.ppc.rpm
b8acf137a559abb0122badd4136e6a7822725752 ruby-ri-1.8.6.111-1.fc7.ppc.rpm
21e2e2cc5014fd594f5bfba22c5704a15b2c374c ruby-1.8.6.111-1.fc7.ppc.rpm
aced140b4117d012646030ca5cae9d3e9cae3739 ruby-rdoc-1.8.6.111-1.fc7.ppc.rpm
db59cbb965652398d359cc3734c590990be780fe ruby-docs-1.8.6.111-1.fc7.ppc.rpm
5e239c4d3a83031711eddce8e533cead141ba1f7 ruby-1.8.6.111-1.fc7.src.rpm
References
http://www.vupen.com/english/advisories/2007/3655
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00391.html
ChangeLog
2007-10-30 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
