Fedora 9: 2009-2335 High: Rubygem-Actionpack CGI Injection
fedora
February 27, 2009
CVE-2008-5189: CGI header injection vulnerability
Summary
Eases web-request routing, handling, and response as a half-way front,
half-way page controller. Implemented with specific emphasis on enabling easy
unit/integration testing that doesn't require a browser.
CVE-2008-5189: CGI header injection vulnerability
* Thu Feb 26 2009 Jeroen van Meeuwen
- Fix CVE-2008-5189
* Tue Sep 16 2008 David Lutterkort
- New version (fixes CVE-2008-4094)
* Thu Jul 31 2008 Michael Stahnke
- New Upstream
[ 1 ] Bug #472510 - CVE-2008-5189 rubygems-actionpack: redirect HTTP header injection vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=472510
su -c 'yum update rubygem-actionpack' at the command line.
For more information, refer to "Managing Software with yum",
available at .
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Topics Covered
Change Log
References
Update Instructions
PREVIOUS
NEXT
Product: Fedora 9
Version: 2.1.1
Release: 2.fc9
Summary: Web-flow and rendering framework putting the VC in MVC
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!