drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in rubygem-activerecord
Name: |
Mehrere Probleme in rubygem-activerecord |
|
ID: |
FEDORA-2013-0686 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 16 |
|
Datum: |
Mi, 23. Januar 2013, 06:48 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2661
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 |
|
Applikationen: |
Active Record |
|
Originalnachricht |
Name : rubygem-activerecord Product : Fedora 16 Version : 3.0.10 Release : 5.fc16 URL : http://www.rubyonrails.org Summary : Implements the ActiveRecord pattern for ORM Description : Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL.
------------------------------------------------------------------------------- - Update Information:
Fix for CVE-2013-0155 and CVE-2013-0156. ------------------------------------------------------------------------------- - ChangeLog:
* Thu Jan 10 2013 Vít Ondruch <vondruch@redhat.com> - 1:3.0.10-5 - Fix for CVE-2013-0155. * Fri Jan 4 2013 Vít Ondruch <vondruch@redhat.com> - 1:3.0.10-4 - Fix for CVE-2012-6496. * Mon Jun 18 2012 Vít Ondruch <vondruch@redhat.com> - 1:3.0.10-3 - Fix for CVE-2012-2695. * Mon Jun 4 2012 Vít Ondruch <vondruch@redhat.com> - 1:3.0.10-2 - Fix for CVE-2012-2661. ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #892866 - CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails https://bugzilla.redhat.com/show_bug.cgi?id=892866 [ 2 ] Bug #892870 - CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack https://bugzilla.redhat.com/show_bug.cgi?id=892870 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-activerecord' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|