openSUSE Security Update : rubygem-rails-html-sanitizer (openSUSE-2016-148)
This update for rubygem-rails-html-sanitizer fixes the following issues: - CVE-2015-7579: XSS vulnerability in rails-html-sanitizer bsc963327 - CVE-2015-7578: XSS vulnerability via attributes bsc963326 - CVE-2015-7580: XSS via whitelist sanitizer bsc963328...
openSUSE: Security Advisory for rubygem-rails-html-sanitizer (openSUSE-SU-2016:0356-1)
The remote host is missing an update for the...
Security update for rubygem-rails-html-sanitizer (important)
This update for rubygem-rails-html-sanitizer fixes the following issues: - CVE-2015-7579: XSS vulnerability in rails-html-sanitizer bsc963327 - CVE-2015-7578: XSS vulnerability via attributes bsc963326 - CVE-2015-7580: XSS via whitelist sanitizer bsc963328...
SUSE-SU-2016:0267-1 Security update for rubygem-mail-2_4
This update for rubygem-mail-24 fixes the following issues: bsc959129: SMTP Injection via recipient email addresses...
openSUSE Security Update : rubygem-mail / rubygem-mail-2_4 / rubygem-mail-2_5 (openSUSE-2016-15)
This update for rubygem-mail, rubygem-mail-24, rubygem-mail-25 fixes the following security issues: - boo959129: SMTP Injection via recipient email addresses...
SUSE-SU-2016:0082-1 Security update for rubygem-activesupport-4_1
This update fixes the following security issues: - CVE-2015-3227: Possible Denial of Service attack in Active Support bnc934800 - CVE-2015-3226: XSS Vulnerability in ActiveSupport::JSON bnc934799...
SUSE-SU-2016:0047-1 Security update for rubygem-activesupport-3_2
rubygem-activesupport-32 was updated to fix one security issue. This security issue was fixed: - CVE-2015-3227: Possible Denial of Service attack in Active Support bsc934800...
SUSE-SU-2016:0042-1 Security update for rubygem-passenger
This update fixes the following security issues: - CVE-2015-7519: Passenger is not filtering environment like apache is doing bnc956281 - CVE-2013-4136: Fixed security issue Passenger would reuse existing server instance directories (temporary directories) which could cause Passenger to remove or...
SUSE-SU-2015:2337-1 Security update for rubygem-passenger
This update for rubygem-passenger fixes the following issues: - CVE-2015-7519: rubygem-passenger was not filtering the environment like apache is doing, allowing injection of environment variables bsc956281...
SUSE-SU-2015:2274-1 Security update for rubygem-rack
rubygem-rack was updated to fix one security issue. This security issue was fixed: - CVE-2015-3225: Crafted requests could have caused a SystemStackError leading to Denial of Service bsc934797...
CVE-2015-9097 rubygem-mail: SMTP injection via recipient email addresses
The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...
[SECURITY] Fedora 23 Update: rubygem-flexmock-2.0.2-1.fc23
FlexMock is a simple, but flexible, mock object library for Ruby unit testing...
SUSE-SU-2015:2190-1 Security update for rubygem-rack-1_4
rubygem-rack-14 was updated to fix one security issue. This security issue was fixed: - CVE-2015-3225: Crafted requests could have caused a SystemStackError leading to Denial of Service bsc934797...
CentOS 7 : rubygem-bundler / rubygem-thor (CESA-2015:2180)
Updated rubygem-bundler and rubygem-thor packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS)...
Oracle Linux 7 : rubygem-bundler / and / rubygem-thor (ELSA-2015-2180)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2180 advisory. rubygem-bundler 1.7.8-3 - Enforce higher Thor version, which is required by Bundler. Related: rhbz1194243 1.7.8-2 - Update to Bundler 1.7.8. Resolves: rhbz11942...
Oracle: Security Advisory (ELSA-2015-2180)
The remote host is missing an update for the...
rubygem-bundler and rubygem-thor security, bug fix, and enhancement update
rubygem-bundler 1.7.8-3 - Enforce higher Thor version, which is required by Bundler. Related: rhbz1194243 1.7.8-2 - Update to Bundler 1.7.8. Resolves: rhbz1194243 - Use symlinks for vendored libraries. Resolves: rhbz1163076 1.3.1-3 - Mass rebuild 2013-12-27 1.3.1-2 - Always include Patch100 in...
RedHat Update for rubygem-bundler and rubygem-thor RHSA-2015:2180-07
The remote host is missing an update for the...
RHEL 7 : rubygem-bundler and rubygem-thor (RHSA-2015:2180)
Updated rubygem-bundler and rubygem-thor packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS)...
CVE-2015-5274
rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execute arbitrary commands via a crafted request to the Broker...