Overview

File _patchinfo of Package patchinfo.3655

<patchinfo incident="3655">
  <issue id="898205" tracker="bnc">VUL-0: CVE-2013-0334: rubygem-bundler: Bundler may install gems from a different source than expected</issue>
  <issue id="CVE-2013-0334" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>jordimassaguerpla</packager>
  <description>rubygem-bunder was updated to fix security vulnerabilities and non-security issues

The following security issues were fixed:

* Hide credentials while warning about gems with ambiguous sources
* Warn when more than one top-level source is present
* Bundler may install gems from a different source than expected (CVE-2013-0334) (bnc#898205)

In addition, rubygem-bundler was udpated to 1.8.4 to fix non-security issues.
</description>
  <summary>Security update for rubygem-bundler</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places