File _patchinfo of Package patchinfo.10659

<patchinfo incident="10659">
  <issue tracker="bnc" id="1129272">VUL-0: CVE-2019-5418: rubygem-actionpack-4_2,rubygem-actionpack-5_1: possible file content disclosure</issue>
  <issue tracker="bnc" id="1129271">VUL-0: CVE-2019-5419: rubygem-actionpack-4_2,rubygem-actionpack-5_1: potential denial of service vulnerability</issue>
  <issue tracker="cve" id="2019-5418"/>
  <issue tracker="cve" id="2019-5419"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>krauselukas</packager>
  <description>This update for rubygem-actionpack-4_2 fixes the following issues:

Security issues fixed: 	  

- CVE-2019-5418: Fixed a file content disclosure vulnerability in Action View which 
  could be exploited via specially crafted accept headers in combination with calls 
  to render file (bsc#1129272).
- CVE-2019-5419: Fixed a resource exhaustion issue in Action View which could make
  the server unable to process requests (bsc#1129271). 
</description>
  <summary>Security update for rubygem-actionpack-4_2</summary>
</patchinfo>