Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Red Hat Enterprise Linux 4: RHSA-2007:0961-01 Moderate: Ruby DoS Threat

Calendar Nov 13, 2007 User Avatar LinuxSecurity Advisories
6 - 11 min read
Redhat Large Esm H500
Topics%20covered

Topics Covered

security advisory moderate Red Hat DoS ruby SSL
Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4. A flaw was discovered in the way Ruby's CGI module handles certain HTTP requests. If a remote attacker sends a specially crafted request, it is possible to cause the ruby CGI script to enter an infinite loop, possibly causing a denial of service. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 
- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Moderate: ruby security update
Advisory ID:       RHSA-2007:0961-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:0961.html
Issue date:        2007-11-13
Updated on:        2007-11-13
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2006-6303 CVE-2007-5162 CVE-2007-5770 
- ---------------------------------------------------------------------1. Summary:

Updated ruby packages that fix several security issues are now available
for Red Hat Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Ruby is an interpreted scripting language for object-oriented programming.

A flaw was discovered in the way Ruby's CGI module handles certain HTTP
requests. If a remote attacker sends a specially crafted request, it is
possible to cause the ruby CGI script to enter an infinite loop, possibly
causing a denial of service. (CVE-2006-6303)

An SSL certificate validation flaw was discovered in several Ruby Net
modules. The libraries were not checking the requested host name against
the common name (CN) in the SSL server certificate, possibly allowing a man
in the middle attack. (CVE-2007-5162, CVE-2007-5770)

Users of Ruby should upgrade to these updated packages, which contain
backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at

5. Bug IDs fixed (https://bugzilla.redhat.com/):

218287 - CVE-2006-6303 ruby's cgi.rb vulnerable infinite loop DoS
313691 - CVE-2007-5162 ruby Net:HTTP insufficient verification of SSL certificate
362081 - CVE-2007-5770 ruby insufficient verification of SSL certificate in various net::* modules

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
106605e96347c6766e83336109ba6ae0  ruby-1.8.1-7.EL4.8.1.src.rpm

i386:
765be348e6e5cad8b65f70497d42051d  irb-1.8.1-7.EL4.8.1.i386.rpm
f73ba45ab88a14158cfa3b85c0ebfe82  ruby-1.8.1-7.EL4.8.1.i386.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
9d605627141ccc78801ae53c364c884e  ruby-devel-1.8.1-7.EL4.8.1.i386.rpm
4330a884a43cc05b072db0507185bb94  ruby-docs-1.8.1-7.EL4.8.1.i386.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
0360306d3f6166b36c1931aaae8d34b9  ruby-mode-1.8.1-7.EL4.8.1.i386.rpm
5535d1efd33c3cad3ee737d55f6f7681  ruby-tcltk-1.8.1-7.EL4.8.1.i386.rpm

ia64:
79afb3c8edf4d65c3a6b07fdf52cb526  irb-1.8.1-7.EL4.8.1.ia64.rpm
224177b4e85cbb98ea816a64dde00633  ruby-1.8.1-7.EL4.8.1.ia64.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
6771ce90dba3304330d9581490092155  ruby-debuginfo-1.8.1-7.EL4.8.1.ia64.rpm
918ccbb91646cd136c081d9ad33d3721  ruby-devel-1.8.1-7.EL4.8.1.ia64.rpm
d74490173c8eb515d92e14c0989e3b7e  ruby-docs-1.8.1-7.EL4.8.1.ia64.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
7541fe15a20e6f4d76e54d4831b7bcf0  ruby-libs-1.8.1-7.EL4.8.1.ia64.rpm
f02558e7060950c1e494091870abb917  ruby-mode-1.8.1-7.EL4.8.1.ia64.rpm
65fab944a8c300f774a4bf9bf681e66e  ruby-tcltk-1.8.1-7.EL4.8.1.ia64.rpm

ppc:
32c8d583b12f0540150728beca98516a  irb-1.8.1-7.EL4.8.1.ppc.rpm
253e37299eca96941362fd0da1b905b1  ruby-1.8.1-7.EL4.8.1.ppc.rpm
e61050368f7da362d893d421b2030d7b  ruby-debuginfo-1.8.1-7.EL4.8.1.ppc.rpm
d9d0d602b138b6b49d070f49e1d62095  ruby-debuginfo-1.8.1-7.EL4.8.1.ppc64.rpm
d08807158491f3d09240aae131be1577  ruby-devel-1.8.1-7.EL4.8.1.ppc.rpm
9ddf28f5ae0a457e4d2ba9fc7ed4d150  ruby-docs-1.8.1-7.EL4.8.1.ppc.rpm
de396a9f2c3808849a666de02482704a  ruby-libs-1.8.1-7.EL4.8.1.ppc.rpm
af47b978c18c50d0051476bd033d1e50  ruby-libs-1.8.1-7.EL4.8.1.ppc64.rpm
ca595a74f2fd54abfb2f91e14d83c84d  ruby-mode-1.8.1-7.EL4.8.1.ppc.rpm
8b8d7eb76afedb6662d7f689c49b3258  ruby-tcltk-1.8.1-7.EL4.8.1.ppc.rpm

s390:
3dfffafb19d5612dac313a8cdedcaa08  irb-1.8.1-7.EL4.8.1.s390.rpm
01dd2123eaca564e4013feacb073600e  ruby-1.8.1-7.EL4.8.1.s390.rpm
3f48142faef520f76b158d9a332b8c76  ruby-debuginfo-1.8.1-7.EL4.8.1.s390.rpm
0577bdd9c31681ec0db944e68ed0a258  ruby-devel-1.8.1-7.EL4.8.1.s390.rpm
37e28a8e01e41e153b58c6365dc5ee20  ruby-docs-1.8.1-7.EL4.8.1.s390.rpm
f4b2f51f031fe1b411ba17499399a989  ruby-libs-1.8.1-7.EL4.8.1.s390.rpm
2625c174e9837fecf9c1fe41bc1b9002  ruby-mode-1.8.1-7.EL4.8.1.s390.rpm
a5616a339f8d84a3da47eeff25a9aa84  ruby-tcltk-1.8.1-7.EL4.8.1.s390.rpm

s390x:
213116e94f9e99f5f9c03043892ffbf3  irb-1.8.1-7.EL4.8.1.s390x.rpm
db5a7d26cdfbefe2248a1d54b50f4157  ruby-1.8.1-7.EL4.8.1.s390x.rpm
3f48142faef520f76b158d9a332b8c76  ruby-debuginfo-1.8.1-7.EL4.8.1.s390.rpm
7f328a6c2d9e5c345a3689a7c9b3d420  ruby-debuginfo-1.8.1-7.EL4.8.1.s390x.rpm
657ad52c8465fc84eaee4136d2adeff4  ruby-devel-1.8.1-7.EL4.8.1.s390x.rpm
b041f610b1d62a19c10261d6b409eb14  ruby-docs-1.8.1-7.EL4.8.1.s390x.rpm
f4b2f51f031fe1b411ba17499399a989  ruby-libs-1.8.1-7.EL4.8.1.s390.rpm
8e7d43c13a8868217377d3d442430358  ruby-libs-1.8.1-7.EL4.8.1.s390x.rpm
0b8c3dc30bb9d932e7176882503c5ac4  ruby-mode-1.8.1-7.EL4.8.1.s390x.rpm
98c1e9130ab7b2d2db4c6f0d9e157ec2  ruby-tcltk-1.8.1-7.EL4.8.1.s390x.rpm

x86_64:
f2c8d1fca0386f4549afe1eed3b27bfe  irb-1.8.1-7.EL4.8.1.x86_64.rpm
1cb537a873061ed0920366a223aa4723  ruby-1.8.1-7.EL4.8.1.x86_64.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
99df3795693b455bd46ec25fc5e19412  ruby-debuginfo-1.8.1-7.EL4.8.1.x86_64.rpm
ddd89b3fe0d886afe15d1e56fe9c25b3  ruby-devel-1.8.1-7.EL4.8.1.x86_64.rpm
22ca0c3995245046e85b4f378dc8e83f  ruby-docs-1.8.1-7.EL4.8.1.x86_64.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
92bde1960d6f6fd7b3c139cb1c27985c  ruby-libs-1.8.1-7.EL4.8.1.x86_64.rpm
99bcb06185b20465900cafce0f97a3c0  ruby-mode-1.8.1-7.EL4.8.1.x86_64.rpm
012c233146fe9350713e7ed1f24a577f  ruby-tcltk-1.8.1-7.EL4.8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
106605e96347c6766e83336109ba6ae0  ruby-1.8.1-7.EL4.8.1.src.rpm

i386:
765be348e6e5cad8b65f70497d42051d  irb-1.8.1-7.EL4.8.1.i386.rpm
f73ba45ab88a14158cfa3b85c0ebfe82  ruby-1.8.1-7.EL4.8.1.i386.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
9d605627141ccc78801ae53c364c884e  ruby-devel-1.8.1-7.EL4.8.1.i386.rpm
4330a884a43cc05b072db0507185bb94  ruby-docs-1.8.1-7.EL4.8.1.i386.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
0360306d3f6166b36c1931aaae8d34b9  ruby-mode-1.8.1-7.EL4.8.1.i386.rpm
5535d1efd33c3cad3ee737d55f6f7681  ruby-tcltk-1.8.1-7.EL4.8.1.i386.rpm

x86_64:
f2c8d1fca0386f4549afe1eed3b27bfe  irb-1.8.1-7.EL4.8.1.x86_64.rpm
1cb537a873061ed0920366a223aa4723  ruby-1.8.1-7.EL4.8.1.x86_64.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
99df3795693b455bd46ec25fc5e19412  ruby-debuginfo-1.8.1-7.EL4.8.1.x86_64.rpm
ddd89b3fe0d886afe15d1e56fe9c25b3  ruby-devel-1.8.1-7.EL4.8.1.x86_64.rpm
22ca0c3995245046e85b4f378dc8e83f  ruby-docs-1.8.1-7.EL4.8.1.x86_64.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
92bde1960d6f6fd7b3c139cb1c27985c  ruby-libs-1.8.1-7.EL4.8.1.x86_64.rpm
99bcb06185b20465900cafce0f97a3c0  ruby-mode-1.8.1-7.EL4.8.1.x86_64.rpm
012c233146fe9350713e7ed1f24a577f  ruby-tcltk-1.8.1-7.EL4.8.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
106605e96347c6766e83336109ba6ae0  ruby-1.8.1-7.EL4.8.1.src.rpm

i386:
765be348e6e5cad8b65f70497d42051d  irb-1.8.1-7.EL4.8.1.i386.rpm
f73ba45ab88a14158cfa3b85c0ebfe82  ruby-1.8.1-7.EL4.8.1.i386.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
9d605627141ccc78801ae53c364c884e  ruby-devel-1.8.1-7.EL4.8.1.i386.rpm
4330a884a43cc05b072db0507185bb94  ruby-docs-1.8.1-7.EL4.8.1.i386.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
0360306d3f6166b36c1931aaae8d34b9  ruby-mode-1.8.1-7.EL4.8.1.i386.rpm
5535d1efd33c3cad3ee737d55f6f7681  ruby-tcltk-1.8.1-7.EL4.8.1.i386.rpm

ia64:
79afb3c8edf4d65c3a6b07fdf52cb526  irb-1.8.1-7.EL4.8.1.ia64.rpm
224177b4e85cbb98ea816a64dde00633  ruby-1.8.1-7.EL4.8.1.ia64.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
6771ce90dba3304330d9581490092155  ruby-debuginfo-1.8.1-7.EL4.8.1.ia64.rpm
918ccbb91646cd136c081d9ad33d3721  ruby-devel-1.8.1-7.EL4.8.1.ia64.rpm
d74490173c8eb515d92e14c0989e3b7e  ruby-docs-1.8.1-7.EL4.8.1.ia64.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
7541fe15a20e6f4d76e54d4831b7bcf0  ruby-libs-1.8.1-7.EL4.8.1.ia64.rpm
f02558e7060950c1e494091870abb917  ruby-mode-1.8.1-7.EL4.8.1.ia64.rpm
65fab944a8c300f774a4bf9bf681e66e  ruby-tcltk-1.8.1-7.EL4.8.1.ia64.rpm

x86_64:
f2c8d1fca0386f4549afe1eed3b27bfe  irb-1.8.1-7.EL4.8.1.x86_64.rpm
1cb537a873061ed0920366a223aa4723  ruby-1.8.1-7.EL4.8.1.x86_64.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
99df3795693b455bd46ec25fc5e19412  ruby-debuginfo-1.8.1-7.EL4.8.1.x86_64.rpm
ddd89b3fe0d886afe15d1e56fe9c25b3  ruby-devel-1.8.1-7.EL4.8.1.x86_64.rpm
22ca0c3995245046e85b4f378dc8e83f  ruby-docs-1.8.1-7.EL4.8.1.x86_64.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
92bde1960d6f6fd7b3c139cb1c27985c  ruby-libs-1.8.1-7.EL4.8.1.x86_64.rpm
99bcb06185b20465900cafce0f97a3c0  ruby-mode-1.8.1-7.EL4.8.1.x86_64.rpm
012c233146fe9350713e7ed1f24a577f  ruby-tcltk-1.8.1-7.EL4.8.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
106605e96347c6766e83336109ba6ae0  ruby-1.8.1-7.EL4.8.1.src.rpm

i386:
765be348e6e5cad8b65f70497d42051d  irb-1.8.1-7.EL4.8.1.i386.rpm
f73ba45ab88a14158cfa3b85c0ebfe82  ruby-1.8.1-7.EL4.8.1.i386.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
9d605627141ccc78801ae53c364c884e  ruby-devel-1.8.1-7.EL4.8.1.i386.rpm
4330a884a43cc05b072db0507185bb94  ruby-docs-1.8.1-7.EL4.8.1.i386.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
0360306d3f6166b36c1931aaae8d34b9  ruby-mode-1.8.1-7.EL4.8.1.i386.rpm
5535d1efd33c3cad3ee737d55f6f7681  ruby-tcltk-1.8.1-7.EL4.8.1.i386.rpm

ia64:
79afb3c8edf4d65c3a6b07fdf52cb526  irb-1.8.1-7.EL4.8.1.ia64.rpm
224177b4e85cbb98ea816a64dde00633  ruby-1.8.1-7.EL4.8.1.ia64.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
6771ce90dba3304330d9581490092155  ruby-debuginfo-1.8.1-7.EL4.8.1.ia64.rpm
918ccbb91646cd136c081d9ad33d3721  ruby-devel-1.8.1-7.EL4.8.1.ia64.rpm
d74490173c8eb515d92e14c0989e3b7e  ruby-docs-1.8.1-7.EL4.8.1.ia64.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
7541fe15a20e6f4d76e54d4831b7bcf0  ruby-libs-1.8.1-7.EL4.8.1.ia64.rpm
f02558e7060950c1e494091870abb917  ruby-mode-1.8.1-7.EL4.8.1.ia64.rpm
65fab944a8c300f774a4bf9bf681e66e  ruby-tcltk-1.8.1-7.EL4.8.1.ia64.rpm

x86_64:
f2c8d1fca0386f4549afe1eed3b27bfe  irb-1.8.1-7.EL4.8.1.x86_64.rpm
1cb537a873061ed0920366a223aa4723  ruby-1.8.1-7.EL4.8.1.x86_64.rpm
c3333caf260f1dee91d739a1bccbe7a4  ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm
99df3795693b455bd46ec25fc5e19412  ruby-debuginfo-1.8.1-7.EL4.8.1.x86_64.rpm
ddd89b3fe0d886afe15d1e56fe9c25b3  ruby-devel-1.8.1-7.EL4.8.1.x86_64.rpm
22ca0c3995245046e85b4f378dc8e83f  ruby-docs-1.8.1-7.EL4.8.1.x86_64.rpm
92278b25f1a1ea86d1b2c18afeb05d27  ruby-libs-1.8.1-7.EL4.8.1.i386.rpm
92bde1960d6f6fd7b3c139cb1c27985c  ruby-libs-1.8.1-7.EL4.8.1.x86_64.rpm
99bcb06185b20465900cafce0f97a3c0  ruby-mode-1.8.1-7.EL4.8.1.x86_64.rpm
012c233146fe9350713e7ed1f24a577f  ruby-tcltk-1.8.1-7.EL4.8.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2006-6303
https://www.cve.org/CVERecord?id=CVE-2007-5162
https://www.cve.org/CVERecord?id=CVE-2007-5770
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is .  More contact
details at https://access.redhat.com/security/team/contact

Copyright 2007 Red Hat, Inc.

Red Hat Enterprise Linux 4: RHSA-2007:0961-01 Moderate: Ruby DoS Threat

red hat
Calendar Grey November 13, 2007
Dist Redhat Esm H88
Critical ruby patch for Red Hat Enterprise improving defense against CGI DoS and SSL vulnerabilities. Update immediately for enhanced security.
Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (https://bugzilla.redhat.com/):

218287 - CVE-2006-6303 ruby's cgi.rb vulnerable infinite loop DoS 313691 - CVE-2007-5162 ruby Net:HTTP insufficient verification of SSL certificate 362081 - CVE-2007-5770 ruby insufficient verification of SSL certificate in various net::* modules

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS: 106605e96347c6766e83336109ba6ae0 ruby-1.8.1-7.EL4.8.1.src.rpm

i386: 765be348e6e5cad8b65f70497d42051d irb-1.8.1-7.EL4.8.1.i386.rpm f73ba45ab88a14158cfa3b85c0ebfe82 ruby-1.8.1-7.EL4.8.1.i386.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 9d605627141ccc78801ae53c364c884e ruby-devel-1.8.1-7.EL4.8.1.i386.rpm 4330a884a43cc05b072db0507185bb94 ruby-docs-1.8.1-7.EL4.8.1.i386.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 0360306d3f6166b36c1931aaae8d34b9 ruby-mode-1.8.1-7.EL4.8.1.i386.rpm 5535d1efd33c3cad3ee737d55f6f7681 ruby-tcltk-1.8.1-7.EL4.8.1.i386.rpm

ia64: 79afb3c8edf4d65c3a6b07fdf52cb526 irb-1.8.1-7.EL4.8.1.ia64.rpm 224177b4e85cbb98ea816a64dde00633 ruby-1.8.1-7.EL4.8.1.ia64.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 6771ce90dba3304330d9581490092155 ruby-debuginfo-1.8.1-7.EL4.8.1.ia64.rpm 918ccbb91646cd136c081d9ad33d3721 ruby-devel-1.8.1-7.EL4.8.1.ia64.rpm d74490173c8eb515d92e14c0989e3b7e ruby-docs-1.8.1-7.EL4.8.1.ia64.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 7541fe15a20e6f4d76e54d4831b7bcf0 ruby-libs-1.8.1-7.EL4.8.1.ia64.rpm f02558e7060950c1e494091870abb917 ruby-mode-1.8.1-7.EL4.8.1.ia64.rpm 65fab944a8c300f774a4bf9bf681e66e ruby-tcltk-1.8.1-7.EL4.8.1.ia64.rpm

ppc: 32c8d583b12f0540150728beca98516a irb-1.8.1-7.EL4.8.1.ppc.rpm 253e37299eca96941362fd0da1b905b1 ruby-1.8.1-7.EL4.8.1.ppc.rpm e61050368f7da362d893d421b2030d7b ruby-debuginfo-1.8.1-7.EL4.8.1.ppc.rpm d9d0d602b138b6b49d070f49e1d62095 ruby-debuginfo-1.8.1-7.EL4.8.1.ppc64.rpm d08807158491f3d09240aae131be1577 ruby-devel-1.8.1-7.EL4.8.1.ppc.rpm 9ddf28f5ae0a457e4d2ba9fc7ed4d150 ruby-docs-1.8.1-7.EL4.8.1.ppc.rpm de396a9f2c3808849a666de02482704a ruby-libs-1.8.1-7.EL4.8.1.ppc.rpm af47b978c18c50d0051476bd033d1e50 ruby-libs-1.8.1-7.EL4.8.1.ppc64.rpm ca595a74f2fd54abfb2f91e14d83c84d ruby-mode-1.8.1-7.EL4.8.1.ppc.rpm 8b8d7eb76afedb6662d7f689c49b3258 ruby-tcltk-1.8.1-7.EL4.8.1.ppc.rpm

s390: 3dfffafb19d5612dac313a8cdedcaa08 irb-1.8.1-7.EL4.8.1.s390.rpm 01dd2123eaca564e4013feacb073600e ruby-1.8.1-7.EL4.8.1.s390.rpm 3f48142faef520f76b158d9a332b8c76 ruby-debuginfo-1.8.1-7.EL4.8.1.s390.rpm 0577bdd9c31681ec0db944e68ed0a258 ruby-devel-1.8.1-7.EL4.8.1.s390.rpm 37e28a8e01e41e153b58c6365dc5ee20 ruby-docs-1.8.1-7.EL4.8.1.s390.rpm f4b2f51f031fe1b411ba17499399a989 ruby-libs-1.8.1-7.EL4.8.1.s390.rpm 2625c174e9837fecf9c1fe41bc1b9002 ruby-mode-1.8.1-7.EL4.8.1.s390.rpm a5616a339f8d84a3da47eeff25a9aa84 ruby-tcltk-1.8.1-7.EL4.8.1.s390.rpm

s390x: 213116e94f9e99f5f9c03043892ffbf3 irb-1.8.1-7.EL4.8.1.s390x.rpm db5a7d26cdfbefe2248a1d54b50f4157 ruby-1.8.1-7.EL4.8.1.s390x.rpm 3f48142faef520f76b158d9a332b8c76 ruby-debuginfo-1.8.1-7.EL4.8.1.s390.rpm 7f328a6c2d9e5c345a3689a7c9b3d420 ruby-debuginfo-1.8.1-7.EL4.8.1.s390x.rpm 657ad52c8465fc84eaee4136d2adeff4 ruby-devel-1.8.1-7.EL4.8.1.s390x.rpm b041f610b1d62a19c10261d6b409eb14 ruby-docs-1.8.1-7.EL4.8.1.s390x.rpm f4b2f51f031fe1b411ba17499399a989 ruby-libs-1.8.1-7.EL4.8.1.s390.rpm 8e7d43c13a8868217377d3d442430358 ruby-libs-1.8.1-7.EL4.8.1.s390x.rpm 0b8c3dc30bb9d932e7176882503c5ac4 ruby-mode-1.8.1-7.EL4.8.1.s390x.rpm 98c1e9130ab7b2d2db4c6f0d9e157ec2 ruby-tcltk-1.8.1-7.EL4.8.1.s390x.rpm

x86_64: f2c8d1fca0386f4549afe1eed3b27bfe irb-1.8.1-7.EL4.8.1.x86_64.rpm 1cb537a873061ed0920366a223aa4723 ruby-1.8.1-7.EL4.8.1.x86_64.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 99df3795693b455bd46ec25fc5e19412 ruby-debuginfo-1.8.1-7.EL4.8.1.x86_64.rpm ddd89b3fe0d886afe15d1e56fe9c25b3 ruby-devel-1.8.1-7.EL4.8.1.x86_64.rpm 22ca0c3995245046e85b4f378dc8e83f ruby-docs-1.8.1-7.EL4.8.1.x86_64.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 92bde1960d6f6fd7b3c139cb1c27985c ruby-libs-1.8.1-7.EL4.8.1.x86_64.rpm 99bcb06185b20465900cafce0f97a3c0 ruby-mode-1.8.1-7.EL4.8.1.x86_64.rpm 012c233146fe9350713e7ed1f24a577f ruby-tcltk-1.8.1-7.EL4.8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: 106605e96347c6766e83336109ba6ae0 ruby-1.8.1-7.EL4.8.1.src.rpm

i386: 765be348e6e5cad8b65f70497d42051d irb-1.8.1-7.EL4.8.1.i386.rpm f73ba45ab88a14158cfa3b85c0ebfe82 ruby-1.8.1-7.EL4.8.1.i386.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 9d605627141ccc78801ae53c364c884e ruby-devel-1.8.1-7.EL4.8.1.i386.rpm 4330a884a43cc05b072db0507185bb94 ruby-docs-1.8.1-7.EL4.8.1.i386.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 0360306d3f6166b36c1931aaae8d34b9 ruby-mode-1.8.1-7.EL4.8.1.i386.rpm 5535d1efd33c3cad3ee737d55f6f7681 ruby-tcltk-1.8.1-7.EL4.8.1.i386.rpm

x86_64: f2c8d1fca0386f4549afe1eed3b27bfe irb-1.8.1-7.EL4.8.1.x86_64.rpm 1cb537a873061ed0920366a223aa4723 ruby-1.8.1-7.EL4.8.1.x86_64.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 99df3795693b455bd46ec25fc5e19412 ruby-debuginfo-1.8.1-7.EL4.8.1.x86_64.rpm ddd89b3fe0d886afe15d1e56fe9c25b3 ruby-devel-1.8.1-7.EL4.8.1.x86_64.rpm 22ca0c3995245046e85b4f378dc8e83f ruby-docs-1.8.1-7.EL4.8.1.x86_64.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 92bde1960d6f6fd7b3c139cb1c27985c ruby-libs-1.8.1-7.EL4.8.1.x86_64.rpm 99bcb06185b20465900cafce0f97a3c0 ruby-mode-1.8.1-7.EL4.8.1.x86_64.rpm 012c233146fe9350713e7ed1f24a577f ruby-tcltk-1.8.1-7.EL4.8.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: 106605e96347c6766e83336109ba6ae0 ruby-1.8.1-7.EL4.8.1.src.rpm

i386: 765be348e6e5cad8b65f70497d42051d irb-1.8.1-7.EL4.8.1.i386.rpm f73ba45ab88a14158cfa3b85c0ebfe82 ruby-1.8.1-7.EL4.8.1.i386.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 9d605627141ccc78801ae53c364c884e ruby-devel-1.8.1-7.EL4.8.1.i386.rpm 4330a884a43cc05b072db0507185bb94 ruby-docs-1.8.1-7.EL4.8.1.i386.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 0360306d3f6166b36c1931aaae8d34b9 ruby-mode-1.8.1-7.EL4.8.1.i386.rpm 5535d1efd33c3cad3ee737d55f6f7681 ruby-tcltk-1.8.1-7.EL4.8.1.i386.rpm

ia64: 79afb3c8edf4d65c3a6b07fdf52cb526 irb-1.8.1-7.EL4.8.1.ia64.rpm 224177b4e85cbb98ea816a64dde00633 ruby-1.8.1-7.EL4.8.1.ia64.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 6771ce90dba3304330d9581490092155 ruby-debuginfo-1.8.1-7.EL4.8.1.ia64.rpm 918ccbb91646cd136c081d9ad33d3721 ruby-devel-1.8.1-7.EL4.8.1.ia64.rpm d74490173c8eb515d92e14c0989e3b7e ruby-docs-1.8.1-7.EL4.8.1.ia64.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 7541fe15a20e6f4d76e54d4831b7bcf0 ruby-libs-1.8.1-7.EL4.8.1.ia64.rpm f02558e7060950c1e494091870abb917 ruby-mode-1.8.1-7.EL4.8.1.ia64.rpm 65fab944a8c300f774a4bf9bf681e66e ruby-tcltk-1.8.1-7.EL4.8.1.ia64.rpm

x86_64: f2c8d1fca0386f4549afe1eed3b27bfe irb-1.8.1-7.EL4.8.1.x86_64.rpm 1cb537a873061ed0920366a223aa4723 ruby-1.8.1-7.EL4.8.1.x86_64.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 99df3795693b455bd46ec25fc5e19412 ruby-debuginfo-1.8.1-7.EL4.8.1.x86_64.rpm ddd89b3fe0d886afe15d1e56fe9c25b3 ruby-devel-1.8.1-7.EL4.8.1.x86_64.rpm 22ca0c3995245046e85b4f378dc8e83f ruby-docs-1.8.1-7.EL4.8.1.x86_64.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 92bde1960d6f6fd7b3c139cb1c27985c ruby-libs-1.8.1-7.EL4.8.1.x86_64.rpm 99bcb06185b20465900cafce0f97a3c0 ruby-mode-1.8.1-7.EL4.8.1.x86_64.rpm 012c233146fe9350713e7ed1f24a577f ruby-tcltk-1.8.1-7.EL4.8.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: 106605e96347c6766e83336109ba6ae0 ruby-1.8.1-7.EL4.8.1.src.rpm

i386: 765be348e6e5cad8b65f70497d42051d irb-1.8.1-7.EL4.8.1.i386.rpm f73ba45ab88a14158cfa3b85c0ebfe82 ruby-1.8.1-7.EL4.8.1.i386.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 9d605627141ccc78801ae53c364c884e ruby-devel-1.8.1-7.EL4.8.1.i386.rpm 4330a884a43cc05b072db0507185bb94 ruby-docs-1.8.1-7.EL4.8.1.i386.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 0360306d3f6166b36c1931aaae8d34b9 ruby-mode-1.8.1-7.EL4.8.1.i386.rpm 5535d1efd33c3cad3ee737d55f6f7681 ruby-tcltk-1.8.1-7.EL4.8.1.i386.rpm

ia64: 79afb3c8edf4d65c3a6b07fdf52cb526 irb-1.8.1-7.EL4.8.1.ia64.rpm 224177b4e85cbb98ea816a64dde00633 ruby-1.8.1-7.EL4.8.1.ia64.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 6771ce90dba3304330d9581490092155 ruby-debuginfo-1.8.1-7.EL4.8.1.ia64.rpm 918ccbb91646cd136c081d9ad33d3721 ruby-devel-1.8.1-7.EL4.8.1.ia64.rpm d74490173c8eb515d92e14c0989e3b7e ruby-docs-1.8.1-7.EL4.8.1.ia64.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 7541fe15a20e6f4d76e54d4831b7bcf0 ruby-libs-1.8.1-7.EL4.8.1.ia64.rpm f02558e7060950c1e494091870abb917 ruby-mode-1.8.1-7.EL4.8.1.ia64.rpm 65fab944a8c300f774a4bf9bf681e66e ruby-tcltk-1.8.1-7.EL4.8.1.ia64.rpm

x86_64: f2c8d1fca0386f4549afe1eed3b27bfe irb-1.8.1-7.EL4.8.1.x86_64.rpm 1cb537a873061ed0920366a223aa4723 ruby-1.8.1-7.EL4.8.1.x86_64.rpm c3333caf260f1dee91d739a1bccbe7a4 ruby-debuginfo-1.8.1-7.EL4.8.1.i386.rpm 99df3795693b455bd46ec25fc5e19412 ruby-debuginfo-1.8.1-7.EL4.8.1.x86_64.rpm ddd89b3fe0d886afe15d1e56fe9c25b3 ruby-devel-1.8.1-7.EL4.8.1.x86_64.rpm 22ca0c3995245046e85b4f378dc8e83f ruby-docs-1.8.1-7.EL4.8.1.x86_64.rpm 92278b25f1a1ea86d1b2c18afeb05d27 ruby-libs-1.8.1-7.EL4.8.1.i386.rpm 92bde1960d6f6fd7b3c139cb1c27985c ruby-libs-1.8.1-7.EL4.8.1.x86_64.rpm 99bcb06185b20465900cafce0f97a3c0 ruby-mode-1.8.1-7.EL4.8.1.x86_64.rpm 012c233146fe9350713e7ed1f24a577f ruby-tcltk-1.8.1-7.EL4.8.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

Topics%20covered

Topics Covered

security advisory moderate Red Hat DoS ruby SSL

References

https://www.cve.org/CVERecord?id=CVE-2006-6303 https://www.cve.org/CVERecord?id=CVE-2007-5162 https://www.cve.org/CVERecord?id=CVE-2007-5770 https://access.redhat.com/security/updates/classification#moderate

Package List


Advisory ID: RHSA-2007:0961-01
Advisory URL: https://access.redhat.com/errata/RHSA-2007:0961.html
Issue date: 2007-11-13
Updated on: 2007-11-13
Product: Red Hat Enterprise Linux

Topic

Topics%20covered

Topics Covered

security advisory moderate Red Hat DoS ruby SSL

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here