This update fixes the following security issues with rubygem-actionpack-3_2:
- fix CVE-2013-4389: rubygem-actionmailer-3_1: possible DoS
vulnerability in the log subscriber component (bnc#846239)
File CVE-2013-4389.patch contains the fix.
- fix CVE-2013-4491: rubygem-actionpack: i18n missing translation
XSS (bnc#853625). File CVE-2013-4491.patch contains the patch
- fix CVE-2013-6414: rubygem-actionpack: Action View DoS
(bnc#853633). File CVE-2013-6414.patch contains the patch.
- fix CVE-2013-6415: rubygem-actionpack: number_to_currency XSS
(bnc#853632). File CVE-2013-6415.patch contains the patch.
- fix CVE-2013-6417: rubygem-actionpack: unsafe query generation
risk (incomplete fix for CVE-2013-0155) (bnc#853627). File
CVE-2013-6417.patch contains the patch.
- Submitted by Jordi Massaguer (jordimassaguerpla)