openSUSE Security Update : rubygem-activesupport-2_3 (openSUSE-SU-2013:0664-1)

Changes in rubygem-activesupport-23 : - add patch to fix security issue : - bug-8099322-3-attributesymbols.patch: fix CVE-2013-1854: rubygem-activerecord: Symbol DoS vulnerability in Active Record bnc809932 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1904-1)

fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS bnc853625. File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS bnc853633. File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: numbertocurrency XSS...

openSUSE Security Update : rubygem-actionpack-2_3 (openSUSE-SU-2013:1905-1)

fix CVE-2013-6415: rubygem-actionpack: numbertocurrency XSS bnc853632. File CVE-2013-6415.patch contains the patch. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-987. The text...

openSUSE Security Update : rubygem-rack-ssl (openSUSE-SU-2014:0515-1)

This rubygem-rack-ssl updated fixes the following security issue : - bnc869162: Fixed XSS in error page CVE-2014-2538. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-293. The te...

openSUSE Security Update : rubygem-actionpack/activerecord-2_3 (openSUSE-SU-2012:0978-1)

3 Security issues were fixed in rails 2.3 core components. 2 NULL query issues where fixed in the actionpack gem. 1 SQL injection was fixed in the activerecord gem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1907-1)

fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS bnc853625. File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS bnc853633. File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: numbertocurrency XSS...

openSUSE Security Update : rubygem-actionpack-2_3 / rubygem-activesupport-2_3 (openSUSE-SU-2012:1218-1)

added 3-0-escapehtml-activesupport.patch: bnc775653 Also encode single quote CVE-2012-3464 - added 3-0-striptags.patch: bnc775649 Do not mark striptags result as htmlsafe CVE-2012-3465 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:0661-1)

Changes in rubygem-actionpack-32 : - add 2 patches to fix security issues : - bug-8099353-2-csssanitize.patch: CVE-2013-1855: rubygem-actionpack: XSS vulnerability in sanitizecss in Action Pack bnc809935 - bug-8099403-2-sanitizeprotocol.patch: CVE-2013-1857: rubygem-actionpack: XSS Vulnerability ...

openSUSE Security Update : rubygem-actionmailer-3_2 / rubygem-actionpack-3_2 / rubygem-activemodel-3_2 / etc (openSUSE-SU-2012:1066-1)

Multiple version upgrades for rails components. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-536. The text description of this plugin is C SUSE LLC...

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1906-1)

fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS bnc853625. File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS bnc853633. File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: numbertocurrency XSS...

openSUSE Security Update : rubygem-activesupport-3_2 (openSUSE-SU-2013:1931-1)

This update fixes the following security issues with rubygem-activesupport-32 : - fix CVE-2013-4389: rubygem-actionmailer-31: possible DoS vulnerability in the log subscriber component bnc846239 File CVE-2013-4389.patch contains the fix. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2014:0718-1)

fix CVE-2014-0130: rubygem-actionpack: directory traversal issue bnc876714 CVE-2014-0130.patch: contains the fix %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-397. The text...

openSUSE Security Update : rubygem-activerecord-2_3 (openSUSE-SU-2013:0660-1)

Changes in rubygem-activerecord-23 : - add patch to fix security issue : - bug-8099322-3-attributesymbols.patch: fix CVE-2013-1854: rubygem-activerecord: Symbol DoS vulnerability in Active Record bnc809932 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package check...

Fedora Update for rubygem-actionpack FEDORA-2014-6098

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for rubygem-actionpack FEDORA-2014-6127

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 20 : rubygem-actionpack-4.0.0-4.fc20 (2014-6098)

Fix for CVE-2014-0130 - Avoid directory traversal Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

[SECURITY] Fedora 20 Update: rubygem-actionpack-4.0.0-4.fc20

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser...

CentOS 6 : Moderate: / ruby193-rubygem-actionpack (CESA-2014:0510)

The remote CentOS host is missing a security update which has been documented in Red Hat advisory RHSA-2014:0510. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Red Hat Security Advisory RHSA-2014:0510 and CentOS...

Fedora 20 : rubygem-rack-ssl-1.3.2-9.fc20 (2014-4118)

Handle bad URIs gracefully CVE-2014-2538. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

Fedora Update for rubygem-rack-ssl FEDORA-2014-4118

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...