Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Unsichere Verwendung temporärer Dateien in rubygem-passenger
Aktuelle Meldungen Distributionen
Name: Unsichere Verwendung temporärer Dateien in rubygem-passenger
ID: FEDORA-2015-1151
Distribution: Fedora
Plattformen: Fedora 20
Datum: Di, 3. Februar 2015, 16:32
Referenzen: Keine Angabe

Originalnachricht

Name        : rubygem-passenger
Product : Fedora 20
Version : 4.0.53
Release : 3.fc20
URL : https://www.phusionpassenger.com
Summary : Phusion Passenger application server
Description :
Phusion Passenger® is a web server and application server, designed to be fast,
robust and lightweight. It takes a lot of complexity out of deploying web apps,
adds powerful enterprise-grade features that are useful in production,
and makes administration much easier and less complex. It supports Ruby,
Python, Node.js and Meteor.

-------------------------------------------------------------------------------
-
Update Information:

build for f20 (#1058993)
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Dec 15 2014 Brett Lentz <blentz@redhat.com> - 4.0.53-3
- build for f20 (#1058993)
* Thu Nov 20 2014 Jan Kaluza <jkaluza@redhat.com> - 4.0.53-2
- get agents_dir from locations.ini
* Fri Oct 3 2014 Jan Kaluza <jkaluza@redhat.com> - 4.0.53-1
- update to version 4.0.53
* Wed Sep 24 2014 Jan Kaluza <jkaluza@redhat.com> - 4.0.50-2
- remove old BuildRequires and tmpfiles.d conditions
* Mon Sep 15 2014 Jan Kaluza <jkaluza@redhat.com> - 4.0.50-1
- update to new version 4.0.50
* Tue May 13 2014 Jan Kaluza <jkaluza@redhat.com> - 4.0.38-1
- renamed from rubygem-passenger to passenger
- changed the packaging structure to be closer to upstream
- update to 4.0.38 (#1060106)
- fix for CVE-2014-1831 and CVE-2014-1832
- use real commands without macros
- do not bundle libeio
* Thu Jan 23 2014 Joe Orton <jorton@redhat.com> - 4.0.18-5
- fix _httpd_mmn expansion in absence of httpd-devel
* Thu Nov 14 2013 Jan Kaluza <jkaluza@redhat.com> - 4.0.18-4
- load native library from proper path
* Thu Oct 31 2013 Jan Kaluza <jkaluza@redhat.com> - 4.0.18-3
- fix #1021940 - add locations.ini with proper Fedora locations
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1058993 - rubygem-passenger: insecure use of temporary files
[fedora-20]
https://bugzilla.redhat.com/show_bug.cgi?id=1058993
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update rubygem-passenger' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung