update for rubygem-actionpack-3_2
- fix CVE-2013-4491: rubygem-actionpack: i18n missing translation
XSS (bnc#853625). File CVE-2013-4491.patch contains the patch
- fix CVE-2013-6414: rubygem-actionpack: Action View DoS
(bnc#853633). File CVE-2013-6414.patch contains the patch.
- fix CVE-2013-6415: rubygem-actionpack: number_to_currency XSS
(bnc#853632). File CVE-2013-6415.patch contains the patch.
- fix CVE-2013-6417: rubygem-actionpack: unsafe query generation
risk (incomplete fix for CVE-2013-0155) (bnc#853627). File
CVE-2013-6417.patch contains the patch.
-
Submitted by
Jordi Massaguer (jordimassaguerpla)
Fixed bugs
bnc#853633
VUL-0: CVE-2013-6414: rubygem-actionpack: Action View DoS
bnc#853632
VUL-0: CVE-2013-6415: rubygem-actionpack: number_to_currency XSS
bnc#853627
VUL-0: CVE-2013-6417: rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013-0155)
bnc#853625
VUL-0: CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS
