Debian: DSA-5372-1: rails security update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5372-1                   [email protected]
https://www.debian.org/security/                                  Aron Xu
March 13, 2023                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rails
CVE ID         : CVE-2021-22942 CVE-2021-44528 CVE-2022-21831 CVE-2022-22577 
                 CVE-2022-23633 CVE-2022-27777 CVE-2023-22792 CVE-2023-22794 
                 CVE-2023-22795 CVE-2023-22796
Debian Bug     : 992586 1001817 1011940 1011941 1005389 1016982 1030050

Multiple vunerabilities were discovered in rails, the Ruby based server-side
MVC web application framework, which could result in XSS, data disclosure
and open redirect.

For the stable distribution (bullseye), these problems have been fixed in
version 2:6.0.3.7+dfsg-2+deb11u1.

We recommend that you upgrade your rails packages.

For the detailed security status of rails please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/rails

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Debian: DSA-5372-1: rails security update

March 13, 2023
Multiple vunerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could result in XSS, data disclosure and open redirect

Summary

For the stable distribution (bullseye), these problems have been fixed in
version 2:6.0.3.7+dfsg-2+deb11u1.

We recommend that you upgrade your rails packages.

For the detailed security status of rails please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/rails

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Severity
Multiple vunerabilities were discovered in rails, the Ruby based server-side
MVC web application framework, which could result in XSS, data disclosure
and open redirect.

Related News

Microsoft Opens Azure Confidential Containers to Public Preview

Making The Switch: Exploring The Pros And Cons Of Migrating From Windows To A Linux-Based OS

New Mirai Malware Variant Infects Linux Devices to Build DDoS Botnet

Kali Linux's Last Update for the Year Brings a Lot of Early Christmas Gifts

News

Advisories

HOWTOs

Features

Interview with Guardian Digital CEO Dave Wreski: Open Source Utilization in Email Security Solutions & More
Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy