ruby -- Hostname check bypassing vulnerability in SSL client

2013-06-27T00:00:00
ID EBD877B9-7EF4-4375-B1FD-C67780581898
Type freebsd
Reporter FreeBSD
Modified 2013-09-24T00:00:00

Description

Ruby Developers report:

Ruby's SSL client implements hostname identity check but it does not properly handle hostnames in the certificate that contain null bytes.