Alexander Bergmann

abergmann

Involved Projects and Packages

This update of rails fixes the following security issues:

- CVE-2011-2930: SQL injection in the quote_table_name function via specially crafted column names (bnc#712062)
- CVE-2011-2931: Cross-Site Scripting (XSS) in the strip_tags helper (bnc#712057)
- CVE-2011-3186: Response Splitting (bnc#712058)
- CVE-2010-3933: Arbitrary modification of records via specially crafted form parameters (bnc#712058)
- CVE-2011-0446: Cross-Site Scripting (XSS) in the mail_to helper (bnc#668817)
- CVE-2011-0447: Improper validation of the 'X-Requested-With' header (bnc#668817)
- CVE-2011-0448: SQL injection caused by improperly sanitized arguments to the limit function (bnc#668817)
- CVE-2011-0449: Bypass of access restrictions via specially crafted action names (bnc#668817)

This update fixes the following issues:
- bnc: 689499
- bnc: 745887
- bnc: 744389
- bnc: 732118
- bnc: 744612
- bnc: 714623

Package: openSUSE:12.1:Update:Test/boinc-client

This update fixes the following issues:
- bnc: 717836
- bnc: 640391

Package: openSUSE:12.1:Update:Test/grub
