Fedora 23: rubygem-activerecord Security Update
Summary
Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database
tables and classes together for business objects, like Customer or
Subscription, that can find, save, and destroy themselves without resorting to
manual SQL.
Update Information:
Security fix for CVE-2015-7577 Security fix for CVE-2016-0753
Change Log
References
[ 1 ] Bug #1301973 - CVE-2016-0753 rubygem-activemodel, rubygem-activerecord: possible input validation circumvention in Active Model https://bugzilla.redhat.com/show_bug.cgi?id=1301973 [ 2 ] Bug #1301957 - CVE-2015-7577 rubygem-activerecord: Nested attributes rejection proc bypass in Active Record https://bugzilla.redhat.com/show_bug.cgi?id=1301957
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-activerecord' at the command line. For more information, refer to "Managing Software with yum", available at .