Overview

File _patchinfo of Package patchinfo.1908

<patchinfo incident="1908">
  <issue id="963326" tracker="bnc">VUL-0: CVE-2015-7578: rubygem-rails-html-sanitizer: XSS vulnerability via attributes</issue>
  <issue id="963327" tracker="bnc">VUL-0: CVE-2015-7579: rubygem-rails-html-sanitizer: XSS vulnerability in rails-html-sanitizer</issue>
  <issue id="963328" tracker="bnc">VUL-0: CVE-2015-7580: rubygem-rails-html-sanitizer: XSS via whitelist sanitizer</issue>
  <issue id="CVE-2015-7578" tracker="cve" />
  <issue id="CVE-2015-7579" tracker="cve" />
  <issue id="CVE-2015-7580" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>jordimassaguerpla</packager>
  <description>
This update for rubygem-rails-html-sanitizer fixes the following issues:

- CVE-2015-7579: XSS vulnerability in rails-html-sanitizer (bsc#963327)
- CVE-2015-7578: XSS vulnerability via attributes (bsc#963326)
- CVE-2015-7580: XSS via whitelist sanitizer (bsc#963328)
</description>
  <summary>Security update for rubygem-rails-html-sanitizer</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places