From ${URL}:
Description
The following D-H groups are enabled per default:
https://github.com/ruby/ruby/blob/trunk/ext/openssl/lib/openssl/pkey.rb
These use 512-bit and 1024-bit primes respectively. These are considered weak in 2015 by all present methods of evaluating D-H group size as a security parameter:
http://www.keylength.com/
Weak D-H groups like this were recently implicated in the Logjam attack:
https://weakdh.org/
512-bit D-H keys in particular can be trivially attacked by commodity hardware. I have put in a PR to the openssl gem to remove the 512-bit group:
https://github.com/ruby/openssl/pull/44
However, the 1024-bit group is weak as well. The recommendation of the Logjam paper authors is to upgrade to a 2048-bit group at the minimum.
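
One way to check a DH parameter file against the sizes named in the description above. This is an added example, not part of the bug report or of the openssl gem; the helper names are hypothetical and the sample moduli are constructed size placeholders, not real primes.

```ruby
require "openssl"

MIN_DH_BITS = 2048 # minimum the description cites from the Logjam authors

# Modulus size in bits of a PEM "DH PARAMETERS" block, whose body is
# a DER SEQUENCE { INTEGER p, INTEGER g }.
def dh_modulus_bits(pem)
  body = pem[/-----BEGIN DH PARAMETERS-----(.+?)-----END DH PARAMETERS-----/m, 1]
  raise ArgumentError, "no DH PARAMETERS block found" unless body
  seq = OpenSSL::ASN1.decode(body.unpack("m").first)
  modulus = seq.value.first if seq.is_a?(OpenSSL::ASN1::Sequence)
  raise ArgumentError, "unexpected ASN.1 structure" unless modulus.is_a?(OpenSSL::ASN1::Integer)
  modulus.value.num_bits # decoded INTEGER values are OpenSSL::BN
end

# Classify a parameter file by the thresholds discussed in the report:
# 512-bit is trivially attacked, anything under 2048-bit is weak.
def audit_dh(pem)
  bits = dh_modulus_bits(pem)
  verdict = if bits <= 512 then :reject_trivially_breakable
            elsif bits < MIN_DH_BITS then :reject_weak
            else :ok
            end
  { bits: bits, verdict: verdict }
end

# Constructed sample input: a parameter block whose modulus has exactly
# `bits` bits. The value is a placeholder for size testing only.
def sample_dh_pem(bits)
  modulus = OpenSSL::BN.new(((1 << (bits - 1)) | 1).to_s)
  der = OpenSSL::ASN1::Sequence.new([
    OpenSSL::ASN1::Integer.new(modulus),
    OpenSSL::ASN1::Integer.new(OpenSSL::BN.new("2")),
  ]).to_der
  "-----BEGIN DH PARAMETERS-----\n#{[der].pack('m')}-----END DH PARAMETERS-----\n"
end

if __FILE__ == $PROGRAM_NAME
  [512, 1024, 2048].each { |b| puts audit_dh(sample_dh_pem(b)).inspect }
end
```
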
I'd prefer to see a response from upstream on this bug first. If nothing happens there we could consider adding at least the 512 bit patch locally.
(In reply to Hans de Graaff from comment #1)
> I'd prefer to see a response from upstream on this bug first. If nothing
> happens there we could consider adding at least the 512 bit patch locally.
Makes sense. In the meantime, there was a good talk on Logjam at 32c3 this year, available at https://media.ccc.de/v/32c3-7288-logjam_diffie-hellman_discrete_logs_the_nsa_and_you :)
(In reply to Hans de Graaff from comment #1)
> I'd prefer to see a response from upstream on this bug first. If nothing
> happens there we could consider adding at least the 512 bit patch locally.
Any update on whether you would like to patch or has this now been included?
This only affects ruby 2.3 and newer since older versions don't ship the PKey bindings. It looks like upstream did not treat this as a security bug and the patch got applied to master (which will be 2.4 in December) without planning a backport.
(In reply to Hans de Graaff from comment #4)
> This only affects ruby 2.3 and newer since older versions don't ship the
Changing rating to reflect not affecting stable packages
Current status:
ruby 2.3.4 does not include this fix
ruby 2.4.1 does include the fix
Fixed in: dev-lang/ruby-2.3.4-r3