Warning: Undefined array key "Description" in /var/www/www.linuxsecurity.com-443/html/lsadvisories/lsadvisories.php on line 220

Fedora 23 Update: Moderate XSS Fix for rubygem-rails-html-sanitizer

fedora

February 28, 2016

Security fix for CVE-2015-7578 CVE-2015-7579 CVE-2015-7580

Summary

HTML sanitization for Rails applications.

Update Information:

Security fix for CVE-2015-7578 CVE-2015-7579 CVE-2015-7580

Topics Covered

security advisory fedora xss issue rubygem html sanitization

Change Log

References

[ 1 ] Bug #1302014 - CVE-2015-7579 rubygem-rails-html-sanitizer: XSS vulnerability in Action View's strip_tags function https://bugzilla.redhat.com/show_bug.cgi?id=1302014 [ 2 ] Bug #1301920 - CVE-2015-7578 rails-html-sanitizer: XSS vulnerability due to unremoved attributes from tags https://bugzilla.redhat.com/show_bug.cgi?id=1301920

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-rails-html-sanitizer' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity

important

Lowest

Low

Medium

High

Critical

Name: rubygem-rails-html-sanitizer

Product: Fedora 23

Version: 1.0.3

Release: 1.fc23

URL: https://github.com/rails/rails-html-sanitizer

Summary: This gem is responsible to sanitize HTML fragments in Rails applications

Topics Covered

security advisory fedora xss issue rubygem html sanitization

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks