An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openssl | Ruby-lang | * | 2.1.2 (excluding) |
Ruby | Ruby-lang | 2.3.0 (including) | 2.3.7 (including) |
Ruby | Ruby-lang | 2.4.0 (including) | 2.4.4 (including) |
Ruby | Ruby-lang | 2.5.0 (including) | 2.5.1 (including) |
Ruby | Ruby-lang | 2.6.0-preview1 (including) | 2.6.0-preview1 (including) |
Ruby | Ruby-lang | 2.6.0-preview2 (including) | 2.6.0-preview2 (including) |
Red Hat Enterprise Linux 7 | RedHat | ruby-0:2.0.0.648-34.el7_6 | * |
Red Hat Enterprise Linux 7.4 Extended Update Support | RedHat | ruby-0:2.0.0.648-34.el7_4 | * |
Red Hat Enterprise Linux 7.5 Extended Update Support | RedHat | ruby-0:2.0.0.648-34.el7_5 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 6 | RedHat | rh-ruby23-ruby-0:2.3.8-69.el6 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 6 | RedHat | rh-ruby24-ruby-0:2.4.5-91.el6 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-ruby23-ruby-0:2.3.8-69.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-ruby24-ruby-0:2.4.5-91.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-ruby25-ruby-0:2.5.3-6.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | RedHat | rh-ruby23-ruby-0:2.3.8-69.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | RedHat | rh-ruby24-ruby-0:2.4.5-91.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | RedHat | rh-ruby25-ruby-0:2.5.3-6.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | RedHat | rh-ruby23-ruby-0:2.3.8-69.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | RedHat | rh-ruby24-ruby-0:2.4.5-91.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | RedHat | rh-ruby25-ruby-0:2.5.3-6.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | RedHat | rh-ruby23-ruby-0:2.3.8-69.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | RedHat | rh-ruby24-ruby-0:2.4.5-91.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | RedHat | rh-ruby25-ruby-0:2.5.3-6.el7 | * |
Ruby-openssl | Ubuntu | bionic | * |
Ruby-openssl | Ubuntu | cosmic | * |
Ruby1.9.1 | Ubuntu | trusty | * |
Ruby2.0 | Ubuntu | trusty | * |
Ruby2.3 | Ubuntu | xenial | * |
Ruby2.5 | Ubuntu | bionic | * |
Ruby2.5 | Ubuntu | cosmic | * |
Ruby2.5 | Ubuntu | disco | * |
Ruby2.5 | Ubuntu | eoan | * |
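
The comparison flaw described in the advisory text can be checked for at runtime and avoided in application code. The following Ruby sketch is an added example, not code from the advisory or from the Ruby project: the probe names are constructed sample values, and the helper names (`false_equalities`, `same_name?`, `ensure_name_compare_fixed!`) are hypothetical. It assumes that a byte-exact DER comparison, which is stricter than OpenSSL's own name matching, is acceptable for the caller.

```ruby
require "openssl"

# Constructed probe pairs, one per condition named in the advisory text.
# These are sample values, not names from any real certificate.
PROBE_PAIRS = {
  "first name is one character longer" => ["/CN=probe-ab", "/CN=probe-a"],
  "second name has a character one less" => ["/CN=probe-b", "/CN=probe-a"],
}.freeze

def parse_name(str)
  OpenSSL::X509::Name.parse(str)
end

# Labels of the probe pairs that Name#== wrongly reports as equal.
# An empty array means the running Ruby/openssl build compares correctly.
def false_equalities
  PROBE_PAIRS.select { |_label, (a, b)| parse_name(a) == parse_name(b) }.keys
end

# Byte-exact comparison of the DER encodings. It does not rely on Name#==,
# so it gives the same answer on affected and fixed versions. It is stricter
# than OpenSSL's name matching (case and whitespace differences count).
def same_name?(a, b)
  a.to_der == b.to_der
end

# Startup guard: refuse to run on a build where Name#== gives false positives.
def ensure_name_compare_fixed!
  bad = false_equalities
  return true if bad.empty?

  raise "OpenSSL::X509::Name#== is affected (#{bad.join('; ')}); " \
        "upgrade Ruby or the openssl library"
end

if __FILE__ == $PROGRAM_NAME
  ensure_name_compare_fixed!
  puts "Name#== behaves correctly on Ruby #{RUBY_VERSION}"
  puts "strict match: #{same_name?(parse_name('/CN=probe-a'), parse_name('/CN=probe-a'))}"
end
```

A behavioural probe is used instead of a check on `RUBY_VERSION` alone because the table lists the OpenSSL component separately from the Ruby interpreter.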