Nome do pacote
ruby
Data
2009-08-05
ID Alerta
MDVSA-2009:193
Versões afetadas
2009.0 x86_64 , CS4.0 x86_64 , MES5 i586 , 2009.1 i586 , 2009.0 i586 , 2008.1 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2008.1 x86_64 , 2009.1 x86_64 , MES5 x86_64

Descrição do problema

ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check
the return value from the OCSP_basic_verify function, which might allow
remote attackers to successfully present an invalid X.509 certificate,
possibly involving a revoked certificate.

This update corrects the problem, including for older ruby versions.

Pacotes atualizados

2009.0 x86_64

 07840368d916f0d15f9c00e135f7c307  2009.0/x86_64/ruby-1.8.7-7p72.2mdv2009.0.x86_64.rpm
 b7e8a14de19e4898e3ee6396f6c2d073  2009.0/x86_64/ruby-devel-1.8.7-7p72.2mdv2009.0.x86_64.rpm
 ab0cf8b25ac28347827a8c09f1f0a6eb  2009.0/x86_64/ruby-doc-1.8.7-7p72.2mdv2009.0.x86_64.rpm
 539aecfa8e5cfc78b25551b64144ae44  2009.0/x86_64/ruby-tk-1.8.7-7p72.2mdv2009.0.x86_64.rpm 
 643988677dc99d19e0f70907745edb64  2009.0/SRPMS/ruby-1.8.7-7p72.2mdv2009.0.src.rpm

CS4.0 x86_64

 ac7b9ff49f03f98310cdce61ca88d87f  corporate/4.0/x86_64/ruby-1.8.2-7.10.20060mlcs4.x86_64.rpm
 488c64e56c4b7c9cf1336c98436d492f  corporate/4.0/x86_64/ruby-devel-1.8.2-7.10.20060mlcs4.x86_64.rpm
 f487ec8a14a4b0690ae8f3337fc518cc  corporate/4.0/x86_64/ruby-doc-1.8.2-7.10.20060mlcs4.x86_64.rpm
 a5a8f90e1fbfd7dc680c9cd8827857c7  corporate/4.0/x86_64/ruby-tk-1.8.2-7.10.20060mlcs4.x86_64.rpm 
 66356780c7aacc6ad849f4c87898de31  corporate/4.0/SRPMS/ruby-1.8.2-7.10.20060mlcs4.src.rpm

MES5 i586

 89918bfc80df73ecbd918b78facac289  mes5/i586/ruby-1.8.7-7p72.2mdvmes5.i586.rpm
 342607d25b5573fb4e3193e3d74978df  mes5/i586/ruby-devel-1.8.7-7p72.2mdvmes5.i586.rpm
 49796832a7df2a8f26381bb6ff2525a0  mes5/i586/ruby-doc-1.8.7-7p72.2mdvmes5.i586.rpm
 54307ad3d0a7278bc520dad9e6861f86  mes5/i586/ruby-tk-1.8.7-7p72.2mdvmes5.i586.rpm 
 c53fadcd8cef5e5b80a4c85d8538a8a5  mes5/SRPMS/ruby-1.8.7-7p72.2mdvmes5.src.rpm

2009.1 i586

 8c79d647f56c69f4092db555f76f2fc0  2009.1/i586/ruby-1.8.7-9p72.2mdv2009.1.i586.rpm
 1de68e2e5913980856e94bb48776ccf6  2009.1/i586/ruby-devel-1.8.7-9p72.2mdv2009.1.i586.rpm
 2e25f7bee81951aa32c3cb22c235295e  2009.1/i586/ruby-doc-1.8.7-9p72.2mdv2009.1.i586.rpm
 87808e106da38245199b7fe1ce2df0a0  2009.1/i586/ruby-tk-1.8.7-9p72.2mdv2009.1.i586.rpm 
 a2d2afc50337c9e59faf07560d524acf  2009.1/SRPMS/ruby-1.8.7-9p72.2mdv2009.1.src.rpm

2009.0 i586

 a99dca894009b3416c947c9b918ca565  2009.0/i586/ruby-1.8.7-7p72.2mdv2009.0.i586.rpm
 ffdba0c2d07588a9d03e8b35b2bfdc62  2009.0/i586/ruby-devel-1.8.7-7p72.2mdv2009.0.i586.rpm
 a87ad8e2b9aa8a12e0d263a51d392abf  2009.0/i586/ruby-doc-1.8.7-7p72.2mdv2009.0.i586.rpm
 8603163c55d43873154a15f412cf9dc6  2009.0/i586/ruby-tk-1.8.7-7p72.2mdv2009.0.i586.rpm 
 643988677dc99d19e0f70907745edb64  2009.0/SRPMS/ruby-1.8.7-7p72.2mdv2009.0.src.rpm

2008.1 i586

 b6713b937acd6177e43d5dd9adf78a92  2008.1/i586/ruby-1.8.6-9p114.4mdv2008.1.i586.rpm
 09481407505f55b81cade1db95d738c6  2008.1/i586/ruby-devel-1.8.6-9p114.4mdv2008.1.i586.rpm
 0308ccc0cb62ca9031c654c94cc0e9ee  2008.1/i586/ruby-doc-1.8.6-9p114.4mdv2008.1.i586.rpm
 a1f5fffec41efe72ce8976c8ef79a660  2008.1/i586/ruby-tk-1.8.6-9p114.4mdv2008.1.i586.rpm 
 4bbb4018722168d2ced70b7c107c6ea0  2008.1/SRPMS/ruby-1.8.6-9p114.4mdv2008.1.src.rpm

CS3.0 x86_64

 5d315613d9f992d6c4f58c52bd03d627  corporate/3.0/x86_64/ruby-1.8.1-1.13.C30mdk.x86_64.rpm
 d3b693c92ee4968e6f6d63e3b71e5a90  corporate/3.0/x86_64/ruby-devel-1.8.1-1.13.C30mdk.x86_64.rpm
 7f0ca0f79a7b9286cd98e2da2ba6c2b4  corporate/3.0/x86_64/ruby-doc-1.8.1-1.13.C30mdk.x86_64.rpm
 9f4cc39abd6d039223c80dfcc101e51f  corporate/3.0/x86_64/ruby-tk-1.8.1-1.13.C30mdk.x86_64.rpm 
 a235fb7168b3c327d4d6ae80290bdd6e  corporate/3.0/SRPMS/ruby-1.8.1-1.13.C30mdk.src.rpm

CS4.0 i586

 14eefde3ea5f870005dd4c0fb2025c8c  corporate/4.0/i586/ruby-1.8.2-7.10.20060mlcs4.i586.rpm
 e4b685717a138c661ca4f13ee4c00c12  corporate/4.0/i586/ruby-devel-1.8.2-7.10.20060mlcs4.i586.rpm
 e63feea2d4bd7b87be16335da05142a9  corporate/4.0/i586/ruby-doc-1.8.2-7.10.20060mlcs4.i586.rpm
 ccbefcfcf5c49233f2573ca89a60c687  corporate/4.0/i586/ruby-tk-1.8.2-7.10.20060mlcs4.i586.rpm 
 66356780c7aacc6ad849f4c87898de31  corporate/4.0/SRPMS/ruby-1.8.2-7.10.20060mlcs4.src.rpm

CS3.0 i586

 bb6f25ad3053954c969ff74fca117518  corporate/3.0/i586/ruby-1.8.1-1.13.C30mdk.i586.rpm
 ad4055c50ce8da0372d831e0b488af9c  corporate/3.0/i586/ruby-devel-1.8.1-1.13.C30mdk.i586.rpm
 13448c01625ca8b1b538aa5162d2c620  corporate/3.0/i586/ruby-doc-1.8.1-1.13.C30mdk.i586.rpm
 78451cec2892c715ace6ce09b75a4f07  corporate/3.0/i586/ruby-tk-1.8.1-1.13.C30mdk.i586.rpm 
 a235fb7168b3c327d4d6ae80290bdd6e  corporate/3.0/SRPMS/ruby-1.8.1-1.13.C30mdk.src.rpm

2008.1 x86_64

 6128ad00fe61fe921239487a3a7f9c2a  2008.1/x86_64/ruby-1.8.6-9p114.4mdv2008.1.x86_64.rpm
 a37e6862e77d34a6b8a511bdfb2a6d24  2008.1/x86_64/ruby-devel-1.8.6-9p114.4mdv2008.1.x86_64.rpm
 d47b51ac7bd9ce7233e607f1d3d1edc3  2008.1/x86_64/ruby-doc-1.8.6-9p114.4mdv2008.1.x86_64.rpm
 6b8503f890db07a56a602e5004dcde76  2008.1/x86_64/ruby-tk-1.8.6-9p114.4mdv2008.1.x86_64.rpm 
 4bbb4018722168d2ced70b7c107c6ea0  2008.1/SRPMS/ruby-1.8.6-9p114.4mdv2008.1.src.rpm

2009.1 x86_64

 9fa5300ab40245ffb8a9324b6a508dd1  2009.1/x86_64/ruby-1.8.7-9p72.2mdv2009.1.x86_64.rpm
 e3d66178e2688a3ffa2474f51f06fdb0  2009.1/x86_64/ruby-devel-1.8.7-9p72.2mdv2009.1.x86_64.rpm
 f67eb8be42e770f0cab2bc27011cb914  2009.1/x86_64/ruby-doc-1.8.7-9p72.2mdv2009.1.x86_64.rpm
 daa9e7bdcef05e5184d7330f404aabe6  2009.1/x86_64/ruby-tk-1.8.7-9p72.2mdv2009.1.x86_64.rpm 
 a2d2afc50337c9e59faf07560d524acf  2009.1/SRPMS/ruby-1.8.7-9p72.2mdv2009.1.src.rpm

MES5 x86_64

 910d0b5fa5766311f5c5dd067f8faeef  mes5/x86_64/ruby-1.8.7-7p72.2mdvmes5.x86_64.rpm
 c970d0fed769ad331bfca522b7e5419f  mes5/x86_64/ruby-devel-1.8.7-7p72.2mdvmes5.x86_64.rpm
 5e5ec905b65a9e9635ef3d97d9783aa4  mes5/x86_64/ruby-doc-1.8.7-7p72.2mdvmes5.x86_64.rpm
 8d60e7dd804cf09d17d6e8a6360b01f1  mes5/x86_64/ruby-tk-1.8.7-7p72.2mdvmes5.x86_64.rpm 
 c53fadcd8cef5e5b80a4c85d8538a8a5  mes5/SRPMS/ruby-1.8.7-7p72.2mdvmes5.src.rpm

Referências