Update for ImageMagick, ImageMagick.256, Mozilla... security moderate

RubyOnRails: security version update to 2.3.17

The Ruby on Rails 2.3 stack was updated to 2.3.17.

The Ruby Rack was updated to 1.1.6.

The updates fix various security issues and bugs.

- update to version 2.3.17 (bnc#803336, bnc#803339)
CVE-2013-0276 CVE-2013-0277:

- update to version 2.3.17 (bnc#803336, bnc#803339)
CVE-2013-0276 CVE-2013-0277:
- Fix issue with attr_protected where malformed input could
circumvent protection
- Fix Serialized Attributes YAML Vulnerability

- update to version 2.3.17 (bnc#803336, bnc#803339)
CVE-2013-0276 CVE-2013-0277:
- Fix issue with attr_protected where malformed input could
circumvent protection
- Fix Serialized Attributes YAML Vulnerability

- update to 1.1.6 (bnc#802794)
* Fix CVE-2013-0263, timing attack against Rack::Session::Cookie

Fixed bugs
bnc#803336
VUL-0: CVE-2013-0276: rubygem-activerecord*: Circumvention of attr_protected
bnc#798452
VUL-0: rubygem-rack*: 3 DoS conditions in Rack
bnc#803339
VUL-0: CVE-2013-0277: rubygem-activerecord-2_3: Serialized Attributes YAML Vulnerability with Rails 2.3 and 3.0
Selected Binaries
openSUSE Build Service is sponsored by