Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Fedora 21: 2015-6377 Critical: OpenSSL Hostname Match Issue Fix

fedora
Calendar Grey April 28, 2015
Dist Fedora Esm H88
Fedora 21 has released a Ruby update that resolves an OpenSSL hostname validation issue linked to CVE-2015-1855, rated as critical in severity.
Fixes CVE-2015-1855 ruby: OpenSSL extension hostname matching implementation violates RFC 6125

Summary

Ruby is the interpreted scripting language for quick and easy

object-oriented programming. It has many features to process text

files and to do system management tasks (as in Perl). It is simple,

straight-forward, and extensible.

Update Information:

Fixes CVE-2015-1855 ruby: OpenSSL extension hostname matching implementation violates RFC 6125

Topics%20covered

Topics Covered

security advisory critical Fedora issue OpenSSL ruby hostname

Change Log

* Tue Apr 14 2015 Josef Stribny - 2.1.6-27 - Update to 2.1.6 * Fri Dec 26 2014 Orion Poplwski - 2.1.5-26 - Disbable sse2 on i668 (bug #1101811) * Thu Nov 20 2014 Vít Ondruch - 2.1.5-25 - Update to Ruby 2.1.5.

References


[ 1 ] Bug #1209982 - CVE-2015-1855 ruby: OpenSSL extension hostname matching implementation violates RFC 6125 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1209982

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update ruby' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: ruby
Product: Fedora 21
Version: 2.1.6
Release: 27.fc21
URL: https://www.ruby-lang.org/
Summary: An interpreter of object-oriented scripting language

Topics%20covered

Topics Covered

security advisory critical Fedora issue OpenSSL ruby hostname

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here