File _patchinfo of Package patchinfo.869
<patchinfo>
  <issue id="775649" tracker="bnc">CVE-2012-3465: rubygem-rails: strip_tags helper incorrectly handles malformed HTML resulting in XSS flaw</issue>
  <issue id="775653" tracker="bnc">CVE-2012-3464: rubygem-rails: XSS flaws when validating single quote characters</issue>
  <issue id="CVE-2012-3465" tracker="cve" />
  <issue id="CVE-2012-3464" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>darix</packager>
  <description>
- added 3-0-escape_html-activesupport.patch: (bnc#775653)
  Also encode single quote (CVE-2012-3464)
- added 3-0-strip_tags.patch: (bnc#775649)
  Do not mark strip_tags result as html_safe CVE-2012-3465
  </description>
  <summary>security update for rubygem-actionpack-2_3, rubygem-activesupport-2_3</summary>
</patchinfo>