From 0676bd0c2685465783260ec64a14728df2ad50c6 Mon Sep 17 00:00:00 2001 From: sunpoet Date: Sun, 6 Mar 2016 06:37:45 +0000 Subject: - Document Ruby on Rails multiple vulnerabilities --- security/vuxml/vuln.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b6aa8c806bae..c3375436e18c 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,53 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + rails -- multiple vulnerabilities + + + rubygem-actionpack + 3.2.22.2 + + + rubygem-actionpack4 + 4.2.5.2 + + + rubygem-actionview + 4.2.5.2 + + + rubygem-rails + 3.2.22.2 + + + rubygem-rails4 + 4.2.5.2 + + + + +

Ruby on Rails blog:

+
+

Rails 4.2.5.2, 4.1.14.2, and 3.2.22.2 have been released! These + contain the following important security fixes, and it is + recommended that users upgrade as soon as possible.

+
+ +
+ + CVE-2016-2097 + CVE-2016-2098 + https://groups.google.com/d/msg/rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ + https://groups.google.com/d/msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ + http://weblog.rubyonrails.org/2016/2/29/Rails-4-2-5-2-4-1-14-2-3-2-22-2-have-been-released/ + + + 2016-02-29 + 2016-03-06 + +
+ chromium -- multiple vulnerabilities -- cgit