Security update for Ruby

SUSE Security Update: Security update for Ruby
Announcement ID: SUSE-SU-2013:1260-1
Rating: moderate
References: #827265
Affected Products:
  • SUSE Studio Onsite 1.3

  • An update that fixes one vulnerability is now available. It includes one version update.


    Ruby failed to check hostnames correctly when setting up a
    SSL client connection. CVE-2013-4073 was assigned to this

    Security Issue reference:

    * CVE-2013-4073

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Studio Onsite 1.3:
      zypper in -t patch slestso13-ruby19-8034

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Studio Onsite 1.3 (x86_64) [New Version: 1.9.3.p392]:
    • ruby19-1.9.3.p392-0.11.1
    • ruby19-devel-1.9.3.p392-0.11.1
    • ruby19-devel-extra-1.9.3.p392-0.11.1