PublicDateAtUSN: 2013-06-28
Candidate: CVE-2013-4073
PublicDate: 2013-08-18 02:52:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073
 http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
 https://ubuntu.com/security/notices/USN-1902-1
Description:
 The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb
 in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before
 2.0.0-p247 does not properly handle a '\0' character in a domain name in the
 Subject Alternative Name field of an X.509 certificate, which allows
 man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted
 certificate issued by a legitimate Certification Authority, a related issue
 to CVE-2009-2408.
Ubuntu-Description:
Notes:
 mdeslaur> possible regression: https://bugs.ruby-lang.org/issues/8575
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4073
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714541 (1.8)
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714543 (1.9)
Priority: medium
Discovered-by: William "B.J." Snow Orvis
Assigned-to:
CVSS:

Patches_ruby1.8:
upstream: https://github.com/ruby/ruby/commit/961bf7496ded3acfe847cf56fa90bbdcfd6e614f (1.8.7)
upstream: https://github.com/ruby/ruby/commit/a3a62f87e144be31b9ca8ad6415b207f43f4e126 (regression - trunk)
upstream_ruby1.8: released (1.8.7 patchlevel 374)
lucid_ruby1.8: ignored (reached end-of-life)
precise_ruby1.8: released (1.8.7.352-2ubuntu1.3)
quantal_ruby1.8: released (1.8.7.358-4ubuntu0.3)
raring_ruby1.8: released (1.8.7.358-7ubuntu1.1)
devel_ruby1.8: released (1.8.7.358-7ubuntu2)

Patches_ruby1.9.1:
upstream: https://github.com/ruby/ruby/commit/2669b84d407ab431e965145c827db66c91158f89 (1.9.3)
upstream: https://github.com/ruby/ruby/commit/a3a62f87e144be31b9ca8ad6415b207f43f4e126 (regression - trunk)
upstream_ruby1.9.1: released (1.9.3 patchlevel 448)
lucid_ruby1.9.1: ignored (reached end-of-life)
precise_ruby1.9.1: released (1.9.3.0-1ubuntu2.7)
quantal_ruby1.9.1: released (1.9.3.194-1ubuntu1.5)
raring_ruby1.9.1: released (1.9.3.194-8.1ubuntu1.1)
devel_ruby1.9.1: released (1.9.3.194-8.1ubuntu2)
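The failure mode in the description, as an added Ruby example that is not Ruby's own lib/openssl/ssl.rb: a dNSName comparison that stops at the first NUL byte (modelled here by `nul_truncating_match?`) accepts a SAN whose visible prefix equals the expected host, while a matcher that checks the whole value and rejects NUL outright does not. The function names, the simplified wildcard rule and the sample names are constructed for this example.

```ruby
# Added example, not the OpenSSL::SSL.verify_certificate_identity code.
# A DNS label: letters, digits and hyphens, not starting or ending with a hyphen.
LABEL = /\A[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\z/

# Model of the defect: compare only what a C string would show, i.e. the bytes
# before the first NUL, so "www.example.com\0.evil.example" reads as "www.example.com".
def nul_truncating_match?(hostname, san)
  cut = san.index("\0")
  visible = cut ? san[0, cut] : san
  visible.casecmp?(hostname)
end

# Hardened matcher: an embedded NUL is never legitimate in a dNSName, so it is
# rejected up front, and the remaining comparison covers the full value, label by label.
def safe_dns_match?(hostname, san)
  return false if san.include?("\0") || hostname.include?("\0")
  host_labels = hostname.downcase.split(".", -1)
  san_labels  = san.downcase.split(".", -1)
  return false if host_labels.size != san_labels.size
  return false if host_labels.any? { |l| l !~ LABEL }
  san_labels.each_with_index.all? do |label, i|
    if i.zero? && label == "*"
      host_labels.size >= 3 # simplification: no wildcard matching for names like "*.com"
    else
      label == host_labels[i]
    end
  end
end

# Shape of identity verification: the host is accepted if any dNSName SAN matches.
def verify_identity(hostname, san_dns_names)
  san_dns_names.any? { |san| safe_dns_match?(hostname, san) }
end
```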