Lucene search

K
suseSuseOPENSUSE-SU-2013:0278-1
HistoryFeb 12, 2013 - 10:10 a.m.

ruby on rails to 2.3.16 (important)

2013-02-1210:10:39
lists.opensuse.org
28

0.974 High

EPSS

Percentile

99.9%

This update updates the RubyOnRails 2.3 stack to 2.3.16,
also this update updates the RubyOnRails 3.2 stack to
3.2.11.

Security and bugfixes were done, foremost: CVE-2013-0333: A
JSON sql/code injection problem was fixed. CVE-2012-5664: A
SQL Injection Vulnerability in Active Record was fixed.
CVE-2012-2695: A SQL injection via nested hashes in
conditions was fixed. CVE-2013-0155: Unsafe Query
Generation Risk in Ruby on Rails was fixed. CVE-2013-0156:
Multiple vulnerabilities in parameter parsing in Action
Pack were fixed.

0.974 High

EPSS

Percentile

99.9%

Related for OPENSUSE-SU-2013:0278-1