Debian 11: 2023-b1854ff321 Important: Python-Django Security Update
fedora
February 28, 2016
Security fix for CVE-2015-7581 Security fix for CVE-2016-0751 Security fix for CVE-2015-7576
Summary
Eases web-request routing, handling, and response as a half-way front,
half-way page controller. Implemented with specific emphasis on enabling easy
unit/integration testing that doesn't require a browser.
Update Information:
Security fix for CVE-2015-7581 Security fix for CVE-2016-0751 Security fix for CVE-2015-7576
Change Log
References
[ 1 ] Bug #1301933 - CVE-2015-7576 rubygem-actionpack: Timing attack vulnerability in basic authentication in Action Controller
https://bugzilla.redhat.com/show_bug.cgi?id=1301933
[ 2 ] Bug #1301946 - CVE-2016-0751 rubygem-actionpack: possible object leak and denial of service attack in Action Pack
https://bugzilla.redhat.com/show_bug.cgi?id=1301946
[ 3 ] Bug #1301981 - CVE-2015-7581 rubygem-actionpack: Object leak vulnerability for wildcard controller routes in Action Pack
https://bugzilla.redhat.com/show_bug.cgi?id=1301981
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-actionpack' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: rubygem-actionpack
Product: Fedora 23
Version: 4.2.3
Release: 4.fc23
Summary: Web-flow and rendering framework putting the VC in MVC
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!