Security update for rubygem-passenger (important)

2015-12-21T23:10:29
ID SUSE-SU-2015:2337-1
Type suse
Reporter Suse
Modified 2015-12-21T23:10:29

Description

This update for rubygem-passenger fixes the following issues:

  • CVE-2015-7519: rubygem-passenger was not filtering the environment like apache is doing, allowing injection of environment variables (bsc#956281)