File _patchinfo of Package patchinfo.1919

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.1919

<patchinfo incident="1919">
  <issue id="963335" tracker="bnc">VUL-0: CVE-2015-7581: rubygem-actionpack: unbounded memory growth DoS via wildcard controller routes</issue>
  <issue id="963331" tracker="bnc">VUL-1: CVE-2016-0751: rubygem-actionpack: Object Leak DoS</issue>
  <issue id="963332" tracker="bnc">VUL-0: CVE-2016-0752: rubygem-actionpack, rubygem-actionview: directory traversal and information leak in Action View</issue>
  <issue id="963329" tracker="bnc">VUL-0: CVE-2015-7576: rubygem-actionpack, rubygem-activesupport: Timing attack vulnerability in basic authentication in Action Controller</issue>
  <issue id="CVE-2015-7576" tracker="cve" />
  <issue id="CVE-2016-0752" tracker="cve" />
  <issue id="CVE-2015-7581" tracker="cve" />
  <issue id="CVE-2016-0751" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>jordimassaguerpla</packager>
  <description>
This update for rubygem-actionpack-4_2 fixes the following issues:

- CVE-2016-0751: Object Leak DoS (bsc#963331)
- CVE-2015-7581: unbounded memory growth DoS via wildcard controller routes (bsc#963335) 
- CVE-2016-0752: directory traversal and information leak in Action View (bsc#963332) 
- CVE-2015-7576: Timing attack vulnerability in basic authentication in Action Controller (bsc#963329)
</description>
  <summary>Security update for rubygem-actionpack-4_2</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.1919

Places