CVE-2017-14033 (retired)

Priority
Description
The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x
before 2.3.5, and 2.4.x through 2.4.1 allows attackers to cause a denial of
service (interpreter crash) via a crafted string.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (1.9.3.484-2ubuntu1.5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2.3.1-2~16.04.5)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (2.3.5-1ubuntu4)
Patches:
Other:https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b
More Information

Updated: 2019-03-26 12:24:59 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)