Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:12.2:Update
patchinfo.1299
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.1299
<patchinfo incident="1299"> <packager>darix</packager> <category>security</category> <rating>important</rating> <summary>ruby on rails security update to 2.3.16</summary> <description> This update updates the RubyOnRails 2.3 stack to 2.3.16, also this update updates the RubyOnRails 3.2 stack to 3.2.11. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed. CVE-2012-2695: A SQL injection via nested hashes in conditions was fixed. CVE-2013-0155: Unsafe Query Generation Risk in Ruby on Rails was fixed. CVE-2013-0156: Multiple vulnerabilities in parameter parsing in Action Pack were fixed. </description> <issue tracker="bnc" id="766792"/> <issue tracker="bnc" id="775649"/> <issue tracker="bnc" id="775653"/> <issue tracker="bnc" id="796712"/> <issue tracker="bnc" id="797449"/> <issue tracker="bnc" id="797452"/> <issue tracker="bnc" id="798452"/> <issue tracker="bnc" id="798458"/> <issue tracker="bnc" id="800320"/> <issue tracker="cve" id="CVE-2012-2695"/> <issue tracker="cve" id="CVE-2012-5664"/> <issue tracker="cve" id="CVE-2013-0155"/> <issue tracker="cve" id="CVE-2013-0156"/> <issue tracker="cve" id="CVE-2013-0333"/> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor