Overview Details

File _patchinfo of Package patchinfo

<patchinfo>
  <issue id="853633" tracker="bnc">VUL-0: CVE-2013-6414: rubygem-actionpack: Action View DoS</issue>
  <issue id="853632" tracker="bnc">VUL-0: CVE-2013-6415: rubygem-actionpack: number_to_currency XSS</issue>
  <issue id="853627" tracker="bnc">VUL-0: CVE-2013-6417: rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013-0155)</issue>
  <issue id="853625" tracker="bnc">VUL-0: CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS</issue>
  <issue id="CVE-2013-6414" tracker="cve" />
  <issue id="CVE-2013-6415" tracker="cve" />
  <issue id="CVE-2013-0155" tracker="cve" />
  <issue id="CVE-2013-6417" tracker="cve" />
  <issue id="CVE-2013-4491" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>jordimassaguerpla</packager>
  <description>
- fix CVE-2013-4491: rubygem-actionpack: i18n missing translation 
  XSS (bnc#853625). File CVE-2013-4491.patch contains the patch
- fix CVE-2013-6414: rubygem-actionpack: Action View DoS 
  (bnc#853633). File CVE-2013-6414.patch contains the patch.
- fix CVE-2013-6415: rubygem-actionpack: number_to_currency XSS 
  (bnc#853632). File CVE-2013-6415.patch contains the patch.
- fix CVE-2013-6417: rubygem-actionpack: unsafe query generation 
  risk (incomplete fix for CVE-2013-0155) (bnc#853627). File 
  CVE-2013-6417.patch contains the patch.
</description>
  <summary>update for rubygem-actionpack-3_2</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places