Overview Details

File _patchinfo of Package patchinfo

<patchinfo>
  <issue id="809940" tracker="bnc">CVE-2013-1857: rubygem-actionpack*: XSS Vulnerability in the `sanitize` helper of Ruby on Rails</issue>
  <issue id="809935" tracker="bnc">CVE-2013-1855: rubygem-actionpack*: XSS vulnerability in sanitize_css in Action Pack</issue>
  <issue id="CVE-2013-1855" tracker="cve" />
  <issue id="CVE-2013-1857" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>jordimassaguerpla</packager>
  <description>
Changes in rubygem-actionpack-3_2:
- add 2 patches to fix security issues:
  - bug-809935_3-2-css_sanitize.patch:
    CVE-2013-1855: rubygem-actionpack*: XSS vulnerability in
    sanitize_css in Action Pack (bnc#809935)
  - bug-809940_3-2-sanitize_protocol.patch:
    CVE-2013-1857: rubygem-actionpack*: XSS Vulnerability in the
    `sanitize` helper of Ruby on Rails (bnc#809940)
</description>
  <summary>update for rubygem-actionpack-3_2</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places