Denial of Service in rubygem-rack
ID: | FEDORA-2015-12979 |
Distribution: | Fedora |
Plattformen: | Fedora 21 |
Datum: | Fr, 28. August 2015, 06:47 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225 |
Applikationen: | Ruby Rack |
Originalnachricht |
|
Name : rubygem-rack Product : Fedora 21 Version : 1.5.2 Release : 5.fc21 URL : http://rubyforge.org/projects/rack/ Summary : Common API for connecting web frameworks, web servers and layers of software Description : Rack provides a common API for connecting web frameworks, web servers and layers of software in between -------------------------------------------------------------------------------- Update Information: Fix for CVE-2015-3225: Potential Denial of Service Vulnerability in Rack - Related rhbz#CVE-2015-3225 New rubygem-rack-1.6.1-1.fc22 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1232292 - CVE-2015-3225 rubygem-rack: Potential Denial of Service Vulnerability in Rack normalize_params() https://bugzilla.redhat.com/show_bug.cgi?id=1232292 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-rack' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce |