(RHSA-2013:1794) Important: ruby193-rubygem-actionpack security update

2013-12-05T05:00:00
ID RHSA-2013:1794
Type redhat
Reporter RedHat
Modified 2017-03-03T17:40:29

Description

Ruby on Rails is a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.

A flaw was found in the way Ruby on Rails parsed JSON parameters. In an application that used a third-party library relying on the Rack::Request interface, or custom Rack middleware, request parameters could bypass the protection added to fix CVE-2013-0155, so that the application received unsafe parameters and was once again vulnerable to CVE-2013-0155. (CVE-2013-6417)
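To make the bypass concrete, here is an added Ruby example (not Red Hat's or the Rails project's code) modelling the two halves of the problem: the deep_munge normalisation Rails applies to parameters, which turns an attacker's `[null]` into `nil` so that an application's nil check catches it, and a request object that, before the fix, handed the application a parameter hash already parsed and cached by an earlier Rack::Request caller without munging it. The env keys `rack.request.form_hash` and `action_dispatch.request.request_parameters` are real; `VulnerableRequest`, `FixedRequest`, `where_sql` and the constructed `ATTACK_BODY` are illustrative, `rack.input` is held as a String rather than an IO, and `JSON.parse` stands in for whichever parser a real stack would run.

```ruby
require 'json'

# Same normalisation as Rails' deep_munge: nils are dropped from arrays, and
# an array left empty (or that held only nils) becomes nil. Without it, the
# value [nil] survives a `params[:token].nil?` guard.
def deep_munge(hash)
  hash.each do |key, value|
    case value
    when Array
      value.grep(Hash) { |inner| deep_munge(inner) }
      value.compact!
      hash[key] = nil if value.empty?
    when Hash
      deep_munge(value)
    end
  end
  hash
end

# Toy rendering of a Hash condition, following what Active Record 3.2's
# predicate builder does with nil inside an array: [nil] renders as IS NULL,
# [x, nil] as IN (...) OR IS NULL. The IS NULL query is what the attacker
# is after (CVE-2013-0155).
def where_sql(column, value)
  case value
  when nil
    "#{column} IS NULL"
  when Array
    present = value.compact
    return "#{column} IS NULL" if present.empty?
    list = "#{column} IN (#{present.map { |v| "'#{v}'" }.join(', ')})"
    present.size < value.size ? "#{list} OR #{column} IS NULL" : list
  else
    "#{column} = '#{value}'"
  end
end

# Illustrative request classes (not the Rails implementation). The env keys
# are real: Rack::Request caches a parsed form body under
# "rack.request.form_hash"; Action Dispatch keeps its own parameters under
# "action_dispatch.request.request_parameters".
class VulnerableRequest
  def initialize(env)
    @env = env
  end

  # Munges only what it parses itself; a hash that an earlier middleware
  # already parsed and cached through Rack::Request is passed on untouched.
  def post
    @env["action_dispatch.request.request_parameters"] ||=
      @env["rack.request.form_hash"] || deep_munge(JSON.parse(@env["rack.input"]))
  end
end

class FixedRequest
  def initialize(env)
    @env = env
  end

  # Munges whatever reaches the application, cached or freshly parsed.
  def post
    @env["action_dispatch.request.request_parameters"] ||=
      deep_munge(@env["rack.request.form_hash"] || JSON.parse(@env["rack.input"]))
  end
end

# Constructed attacker body: `token` is not nil, yet selects rows whose
# token column IS NULL.
ATTACK_BODY = '{"token": [null]}'.freeze

# Env as left behind by a middleware that called Rack::Request#POST before
# Rails ran: the raw parse is already cached.
def env_with_middleware_cache(body)
  { "rack.input" => body, "rack.request.form_hash" => JSON.parse(body) }
end

# SQL the application would run for `User.where(token: params[:token])`
# behind a `return if params[:token].nil?` guard.
def lookup_sql(request_class, env)
  token = request_class.new(env).post["token"]
  return :rejected if token.nil?
  where_sql("token", token)
end

if __FILE__ == $PROGRAM_NAME
  puts lookup_sql(VulnerableRequest, env_with_middleware_cache(ATTACK_BODY)) # token IS NULL
  puts lookup_sql(FixedRequest, env_with_middleware_cache(ATTACK_BODY))      # rejected
end
```

Running it prints `token IS NULL` for the vulnerable path and `rejected` for the fixed one. The design point is where the normalisation sits: at the boundary the application reads from, not inside one particular parser, so that nothing which parsed the request earlier can hand over an unnormalised copy.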

It was discovered that the internationalization component of Ruby on Rails could, under certain circumstances, return a fallback HTML string that contained user input. A remote attacker could use this flaw to perform a reflected cross-site scripting (XSS) attack by providing specially crafted input to an application that used that component. (CVE-2013-4491)

A denial of service flaw was found in the header handling component of Action View. A remote attacker could send strings in specially crafted headers that would be cached indefinitely, which would result in all available system memory eventually being consumed. (CVE-2013-6414)
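The failure mode here is a cache keyed on attacker-controlled header values with no eviction: every distinct header costs an entry for the life of the process. The following added Ruby example (not Rails' code) models that and the mitigation of only caching under formats the application has actually registered; `KNOWN_FORMATS`, `formats_from_accept`, `DetailsCache` and the junk Accept headers are constructed for the illustration.

```ruby
require 'set'

# Constructed registry of the formats the application serves (the role
# Mime::SET plays in Rails).
KNOWN_FORMATS = Set['html', 'json', 'xml', 'js'].freeze

# Reduces an Accept header to its subtypes, the way a naive lookup would:
# every unknown subtype an attacker sends becomes a candidate cache key.
def formats_from_accept(header)
  header.split(',').map { |type| type.strip.split('/').last }
end

# Permanent cache of per-request lookup details keyed by formats. Nothing is
# ever evicted, so with unfiltered keys memory grows with the number of
# distinct headers seen, not with the number of formats the app supports.
class DetailsCache
  attr_reader :store

  def initialize(filter_unknown:)
    @store = {}
    @filter_unknown = filter_unknown
  end

  def get(subtypes)
    subtypes = subtypes.select { |s| KNOWN_FORMATS.include?(s) } if @filter_unknown
    # Symbolise only after filtering: before Ruby 2.2 symbols were never
    # garbage collected, so interning attacker strings on the Ruby 1.9.3
    # this package targets would itself be a leak.
    @store[subtypes.map(&:to_sym)] ||= Object.new # stands in for the compiled details key
  end
end

# Number of cache entries left behind by `requests` requests that each carry
# a unique junk subtype next to a legitimate one.
def entries_after_flood(requests, filter_unknown:)
  cache = DetailsCache.new(filter_unknown: filter_unknown)
  requests.times do |i|
    cache.get(formats_from_accept("text/html, application/x-junk-#{i}"))
  end
  cache.store.size
end

if __FILE__ == $PROGRAM_NAME
  puts entries_after_flood(1000, filter_unknown: false) # 1000
  puts entries_after_flood(1000, filter_unknown: true)  # 1
end
```

The fixed variant is bounded by the size of `KNOWN_FORMATS`, regardless of how many headers arrive. The same check applies to any memoisation keyed on request data: either restrict keys to a closed set the application defines, or give the cache a size bound and eviction policy.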

It was found that the number_to_currency Action View helper did not properly escape the unit parameter. An attacker could use this flaw to perform a cross-site scripting (XSS) attack on an application that uses data submitted by a user in the unit parameter. (CVE-2013-6415)
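Both XSS issues above have the same shape: a string that can originate from the request is interpolated into markup that the view then treats as safe HTML. This added Ruby example (not the i18n gem's or Rails' code) shows toy versions of the missing-translation fallback markup for CVE-2013-4491 and of number_to_currency for CVE-2013-6415, each with the unescaped behaviour beside the escaped one; `missing_translation_html`, the simplified `number_to_currency` (no thousands delimiter), and the sample key and unit are constructed for the illustration.

```ruby
require 'erb'

# Fallback markup for a missing translation, in the shape the i18n gem's
# html_message produces: the last key becomes the visible label, the full
# key path goes into the title attribute. With escape: false a key that came
# straight from a request parameter lands in the page unescaped.
def missing_translation_html(keys, escape: true)
  label = keys.last.to_s.gsub('_', ' ').gsub(/\b('?[a-z])/) { $1.capitalize }
  path  = keys.join('.')
  label, path = [label, path].map { |s| ERB::Util.html_escape(s) } if escape
  %(<span class="translation_missing" title="translation missing: #{path}">#{label}</span>)
end

# Minimal number_to_currency: %u in the format is replaced by the unit and
# %n by the number. Rails marks the helper's result html_safe, so an
# unescaped unit (escape: false) is injected verbatim into the view.
def number_to_currency(number, unit: '$', precision: 2, format: '%u%n', escape: true)
  unit = ERB::Util.html_escape(unit) if escape
  # Block form of gsub so backslash sequences in attacker input are not
  # interpreted as replacement references.
  format.gsub('%u') { unit }.gsub('%n') { "%.#{precision}f" % number }
end

if __FILE__ == $PROGRAM_NAME
  key = '<img src=x onerror=alert(1)>' # constructed attacker-controlled key
  puts missing_translation_html([:en, key], escape: false)
  puts missing_translation_html([:en, key])
  puts number_to_currency(5, unit: '<b>$</b>', escape: false)
  puts number_to_currency(5, unit: '<b>$</b>')
end
```

The fix in both cases is the same one-line rule: escape at the point of interpolation, and never mark a string html_safe that still contains unescaped request data.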

All ruby193-rubygem-actionpack users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.