Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:30
Meta
Overview
Repositories
Monitor
Requests
Users
Subprojects
Project Config
Attributes
Signing Keys
Meta
Status
Pulse
Meta Configuration of openSUSE:Maintenance:30
<project name="openSUSE:Maintenance:30" kind="maintenance_incident"> <title>VUL-0: ruby on rails multiple vulnerabilities</title> <description>This update of rails fixes the following security issues: CVE-2011-2930 - SQL-injection in quote_table_name function via specially crafted column names (bnc#712062) CVE-2011-2931 - Cross-Site Scripting (XSS) in the strip_tags helper (bnc#712057) CVE-2011-3186 - Response Splitting (bnc#712058) CVE-2010-3933 - Arbitrary modification of records via specially crafted form parameters (bnc#712058) CVE-2011-0446 - Cross-Site Scripting (XSS) in the mail_to helper (bnc#668817) CVE-2011-0447 - Improper validation of 'X-Requested-With' header (bnc#668817) CVE-2011-0448 - SQL-injection caused by improperly sanitized arguments to the limit function (bnc#668817) CVE-2011-0449 - Bypass of access restrictions via specially crafted action names (bnc#668817) </description> <group groupid="maintenance-opensuse.org" role="maintainer"/> <group groupid="autobuild-team" role="reviewer"/> <build> <disable/> </build> <repository name="openSUSE_11.4_Update_standard"> <releasetarget project="openSUSE:11.4:Update" repository="standard"/> <path project="openSUSE:11.4:Update" repository="standard"/> <arch>i586</arch> <arch>x86_64</arch> </repository> </project>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor