FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ruby -- Hostname check bypassing vulnerability in SSL client

Affected packages
ruby19 <,1
ruby18 <,1


VuXML ID ebd877b9-7ef4-4375-b1fd-c67780581898
Discovery 2013-06-27
Entry 2013-07-11
Modified 2013-09-24

Ruby Developers report:

Ruby's SSL client implements hostname identity check but it does not properly handle hostnames in the certificate that contain null bytes.


CVE Name CVE-2013-4073