[ubuntu/precise-security] rubygems 1.8.15-1ubuntu0.1 (Accepted)
Tyler Hicks
tyhicks at canonical.com
Wed Sep 26 01:42:14 UTC 2012
rubygems (1.8.15-1ubuntu0.1) precise-security; urgency=low
* SECURITY UPDATE: Add proper handling of SSL connections
- debian/patches/CVE-2012-2125-2126.patch: Perform certificate
verification and disallow HTTP->HTTPS redirection. Based on upstream
patch.
- CVE-2012-2125
- CVE-2012-2126
* debian/control: Add ca-certificates to rubygems depends for certificate
verification
Date: 2012-09-19 17:35:20.403381+00:00
Changed-By: Tyler Hicks <tyhicks at canonical.com>
https://launchpad.net/ubuntu/precise/+source/rubygems/1.8.15-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list