Overview

Request 356321 accepted

- fix bnc#963329 - CVE-2016-07576: rubygem-actionpack, rubygem-activesupport:
Timing attack vulnerability in basic authentication in Action Controller
CVE-2016-07576.patch: contains the fix

- fix bnc#963334 - CVE-2016-0753: rubygem-activemodel,
rubygem-activesupport, rubygem-activerecord: Input Validation
Circumvention
CVE-2016-0753.patch: contains the fix

Request History
Jürgen Löhel's avatar

jloehel created request

- fix bnc#963329 - CVE-2016-07576: rubygem-actionpack, rubygem-activesupport:
Timing attack vulnerability in basic authentication in Action Controller
CVE-2016-07576.patch: contains the fix

- fix bnc#963334 - CVE-2016-0753: rubygem-activemodel,
rubygem-activesupport, rubygem-activerecord: Input Validation
Circumvention
CVE-2016-0753.patch: contains the fix

Maintenance Bot's avatar

maintbot added devel:languages:ruby:extensions as a reviewer

Submission by someone who is not maintainer in the devel project. Please review

Maintenance Bot's avatar

maintbot accepted review

accepted

Jordi Massaguer's avatar

jordimassaguerpla accepted review

thanks jloehel

Jordi Massaguer's avatar

jordimassaguerpla approved review

thanks jloehel

Andreas Stieger's avatar

AndreasStieger moved maintenance target to openSUSE:Maintenance:4604

Andreas Stieger's avatar

AndreasStieger accepted request

ok

openSUSE Build Service is sponsored by
Places