Univention Bugzilla – Full Text Bug Listing |
Summary: | ruby1.9.1: Multiple issues (4.0) | ||
---|---|---|---|
Product: | UCS | Reporter: | Moritz Muehlenhoff <jmm> |
Component: | Security updates | Assignee: | Daniel Tröder <troeder> |
Status: | CLOSED FIXED | QA Contact: | Stefan Gohmann <gohmann> |
Severity: | normal | ||
Priority: | P4 | CC: | gohmann, requate, walkenhorst |
Version: | UCS 4.0 | Flags: | requate:
Patch_Available+
|
Target Milestone: | UCS 4.0-3-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: |
Description
Moritz Muehlenhoff
2014-11-25 11:21:26 CET
Man-in-the-middle attack via crafted SSL certificates (CVE-2015-1855) Fix available in upstream Debian version 1.9.3.194-8.1+deb7u5 * ruby1.9.1 1.9.3.194-8.1+deb7u5 was imported and build to scope errata4.0-3. * Drop test patch (4.0-0-0-ucs/1.9.3.194-8.1+deb7u5-errata4.0-3/drop-test.patch) was updated. * r15230, r15232 and 15233 add a new patch (4.0-0-0-ucs/1.9.3.194-8.1+deb7u5-errata4.0-3/020-raise-test-dh-size.patch) to make openssl tests work. * YAML (r63405, r63409): 2015-09-02-ruby1.9.1.yaml 2013-2065: oldstable: not vulnerable YAML: OK ruby tests: OK Redmine tested: OK |