Forum Index
Home Forum Radio Memberlist Help Search Quick Links

It appears you have not yet registered with our community which limits what you can do & see. It's Free To register, please click here.



Forum Index » Operating Systems » Linux » Mandriva- Advisories MDVSA-2008:029: Updated ruby packages fix possible man-in-the-middle attack
Register Calendar Gallery Mark Forums Read

Linux All distros and thier applications

Reply
 
Thread Tools Display Modes
  #1  
Old 01-31-2008, 05:13 AM
Mandriva's Avatar
Mandriva Mandriva is offline
Senior Member
  
Join Date: Oct 2006
Posts: 720
Mandriva- Advisories MDVSA-2008:029: Updated ruby packages fix possible man-in-the-middle attack
Advisories MDVSA-2008:029: Updated ruby packages fix possible man-in-the-middle attack
Ruby network libraries Net::HTTP, Net::IMAP, Net::FTPTLS, Net::Telnet,
Net::POP3, and Net::SMTP, up to Ruby version 1.8.6 are affected by a
possible man-in-the-middle attack, when using SSL, due to a missing
check of the CN (common name) attribute in SSL certificates against
the server's hostname.

The updated packages have been patched to prevent the issue.
http://mandrivausers.org/index.php?showtopic=48274
http://mandrivausers.org/index.php?showtopic=48274
Thu, 31 Jan 2008 08:38:16 +0000
Reply With Quote
Posted


Reply

  • Submit Thread to Digg Digg
  • Submit Thread to del.icio.us del.icio.us
  • Submit Thread to StumbleUpon StumbleUpon
  • Submit Thread to Google Google
    • Bookmarks

    « Previous Thread | Next Thread »
    Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
     
    Thread Tools
    Display Modes
    Linear Mode Linear Mode

    Posting Rules
    You may not post new threads
    You may not post replies
    You may not post attachments
    You may not edit your posts
    BB code is On
    Smilies are On
    [IMG] code is On
    HTML code is On
    Forum Jump



    All times are GMT -5. The time now is 04:23 AM.

    Contact Us - CyberAnswers - Archive - Privacy Statement - Top

    Firefox 2