Zwei Probleme in rubygem-activerecord
ID: | FEDORA-2016-5760339e76 |
Distribution: | Fedora |
Plattformen: | Fedora 25 |
Datum: | Sa, 27. August 2016, 23:27 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6316
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6317 |
Applikationen: | Active Record |
Originalnachricht |
|
Name : rubygem-activerecord Product : Fedora 25 Version : 5.0.0.1 Release : 1.fc25 URL : http://rubyonrails.org Summary : Object-relational mapper framework (part of Rails) Description : Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. -------------------------------------------------------------------------------- Update Information: Update to Rails 5.0.0.1. Enable whole test suite in Railties. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1366480 - CVE-2016-6316 rubygem-actionview: cross-site scripting flaw in Action View [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1366480 [ 2 ] Bug #1366419 - rubygem-actionpack-5.0.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1366419 [ 3 ] Bug #1366418 - rubygem-actionmailer-5.0.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1366418 [ 4 ] Bug #1366423 - rubygem-activerecord-5.0.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1366423 [ 5 ] Bug #1366420 - rubygem-actionview-5.0.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1366420 [ 6 ] Bug #1366424 - rubygem-activesupport-5.0.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1366424 [ 7 ] Bug #1366421 - rubygem-activejob-5.0.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1366421 [ 8 ] Bug #1352605 - rubygem-railties-5.0.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1352605 [ 9 ] Bug #1366422 - rubygem-activemodel-5.0.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1366422 [ 10 ] Bug #1366417 - rubygem-actioncable-5.0.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1366417 [ 11 ] Bug #1366479 - CVE-2016-6317 rubygem-activerecord: unsafe query generation in Active Record [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1366479 [ 12 ] Bug #1366428 - rubygem-rails-5.0.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1366428 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-activerecord' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org |