drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in rubygem-mechanize
| Name: |
Ausführen beliebiger Kommandos in rubygem-mechanize |
|
| ID: |
FEDORA-2021-24fdc228e4 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 32 |
|
| Datum: |
Do, 11. Februar 2021, 16:35 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21289 |
|
| Applikationen: |
rubygem-mechanize |
|
Originalnachricht |
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2021-24fdc228e4
2021-02-11 01:52:12.933031
-------------------------------------------------------------------------------
-
Name : rubygem-mechanize
Product : Fedora 32
Version : 2.7.7
Release : 1.fc32
URL : http://mechanize.rubyforge.org/
Summary : A handy web browsing ruby object
Description :
The Mechanize library is used for automating interaction with websites.
Mechanize automatically stores and sends cookies, follows redirects,
can follow links, and submit forms. Form fields can be populated and
submitted. Mechanize also keeps track of the sites that you have
visited as a history.
-------------------------------------------------------------------------------
-
Update Information:
New version 2.7.7 is released. Note that a security flaw was found on the
previous version which may allow OS commands' injection, which is now
assigned
as CVE-2021-21289 . This new rpm fixes this issue.
-------------------------------------------------------------------------------
-
ChangeLog:
* Tue Feb 2 2021 Mamoru TASAKA <mtasaka@fedoraproject.org> - 2.7.7-1
- 2.7.7
- Including fix for CVE-2021-21289
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> -
2.7.6-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jan 6 2021 Mamoru TASAKA <mtasaka@fedoraproject.org> - 2.7.6-2
- Fix build failure
-------------------------------------------------------------------------------
-
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-24fdc228e4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
|
|
|
|
