Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Fedora 12: 2010-12345 Moderate: Rubygem-Activesupport Vulnerability Patch

fedora
Calendar Grey October 13, 2009
Dist Fedora Esm H88
Rubygem-activerecord patches CVE-2009-3009 for Fedora installations. Mitigate risks associated with current deployments.
- Fixes CVE-2009-3009 - Downgrade to Rails 2.3.2 to avoid update issues for existing applications

Summary

Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database

tables and classes together for business objects, like Customer or

Subscription, that can find, save, and destroy themselves without resorting to

manual SQL.

Update Information:

- Fixes CVE-2009-3009 - Downgrade to Rails 2.3.2 to avoid update issues for existing applications

Topics%20covered

Topics Covered

security advisory moderate Fedora XSS rubygem-activerecord update issues Rails

Change Log

* Wed Oct 7 2009 David Lutterkort - 1:2.3.2-2 - Bump epoch; rails is not updatable across versions (bz 520843) * Sun Sep 27 2009 Mamoru Tasaka - 2.3.3-2 - Force rebuild * Sun Jul 26 2009 Jeroen van Meeuwen - 2.3.3-1 - New upstream version

References


[ 1 ] Bug #520843 - CVE-2009-3009 ruby-activesupport: XSS vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=520843

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-activerecord' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: rubygem-activerecord
Product: Fedora 11
Version: 2.3.2
Release: 2.fc11
URL: https://rubyonrails.org/
Summary: Implements the ActiveRecord pattern for ORM

Topics%20covered

Topics Covered

security advisory moderate Fedora XSS rubygem-activerecord update issues Rails

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here