Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
89
security advisoryfedorasoftware updateFedora 39: 2023-4f0bb4ff5e Moderate Ruby ActionMailer Permissions Bug
Ruby on Rails security upgrade: - Versions-7-0-7-2-6-1-7-6-have-been-released - incorrect file permissions on encrypted files. Exploit not known.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-4f0bb4ff5e 2023-09-15 18:36:13.240099 -------------------------------------------------------------------------------- Name : rubygem-actionmailer Product : Fedora 39 Version : 7.0.7.2 Release : 1.fc39 URL : https://rubyonrails.org Summary : Email composition and delivery framework (part of Rails) Description : Email on Rails. Compose, deliver, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments. -------------------------------------------------------------------------------- Update Information: Ruby on Rails security upgrade: - Versions-7-0-7-2-6-1-7-6-have-been-released - incorrect file permissions on encrypted files. Exploit not known. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 28 2023 Pavel Valena - 1:7.0.7.2-1 - Update to actionmailer 7.0.7.2. -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-4f0bb4ff5e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Sep 15, 2023
Fedora
89
security advisoryupdateFedoraFedora 37: FEDORA-2023-7002afbbb8 moderate: actionmailer XSS Threat
Update to Ruby on Rails 7.0.4.3. https://rubyonrails.org/2023/3/13/Rails-7-0-4-3-and-6-1-7-3-have-been-released. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-7002afbbb8 2023-04-05 01:34:43.146270 --------------------------------------------------------------------------------Name : rubygem-actionmailer Product : Fedora 37 Version : 7.0.4.3 Release : 1.fc37 URL : https://rubyonrails.org Summary : Email composition and delivery framework (part of Rails) Description : Email on Rails. Compose, deliver, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments. --------------------------------------------------------------------------------Update Information: Update to Ruby on Rails 7.0.4.3. https://rubyonrails.org/2023/3/13/Rails-7-0-4-3-and-6-1-7-3-have-been-released --------------------------------------------------------------------------------ChangeLog: * Tue Mar 14 2023 Pavel Valena - 1:7.0.4.3-1 - Update to actionmailer 7.0.4.3. --------------------------------------------------------------------------------References: [ 1 ] Bug #2179637 - CVE-2023-28120 rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice https://bugzilla.redhat.com/show_bug.cgi?id=2179637 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-7002afbbb8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Apr 05, 2023
Fedora
89
security advisorymoderateFedoraFedora 39: FEDORA-2023-c0698ab2f3 High: CSRF Vulnerability in MailServer
Update to 7.0.4.3. https://rubyonrails.org/2023/3/13/Rails-7-0-4-3-and-6-1-7-3-have-been-released. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-d6157bb1e2 2023-04-01 00:15:35.161368 --------------------------------------------------------------------------------Name : rubygem-actionmailer Product : Fedora 38 Version : 7.0.4.3 Release : 1.fc38 URL : https://rubyonrails.org Summary : Email composition and delivery framework (part of Rails) Description : Email on Rails. Compose, deliver, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments. --------------------------------------------------------------------------------Update Information: Update to 7.0.4.3. https://rubyonrails.org/2023/3/13/Rails-7-0-4-3-and-6-1-7-3-have-been-released --------------------------------------------------------------------------------ChangeLog: * Tue Mar 14 2023 Pavel Valena - 1:7.0.4.3-1 - Update to actionmailer 7.0.4.3. --------------------------------------------------------------------------------References: [ 1 ] Bug #2179637 - CVE-2023-28120 rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice https://bugzilla.redhat.com/show_bug.cgi?id=2179637 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-d6157bb1e2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Apr 01, 2023
Fedora
89
security advisorysecurity updateFedoraFedora 33: FEDORA-2020-4dd34860a3 Moderate: Actionmailer Security Fix
Upgrade to Ruby on Rails 6.0.3.3. Fixes CVEs: #1877568 #1831529 #1852381. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-4dd34860a3 2020-10-05 00:15:05.246453 --------------------------------------------------------------------------------Name : rubygem-actionmailer Product : Fedora 33 Version : 6.0.3.3 Release : 1.fc33 URL : https://rubyonrails.org Summary : Email composition and delivery framework (part of Rails) Description : Email on Rails. Compose, deliver, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments. --------------------------------------------------------------------------------Update Information: Upgrade to Ruby on Rails 6.0.3.3. Fixes CVEs: #1877568 #1831529 #1852381 --------------------------------------------------------------------------------ChangeLog: * Tue Sep 22 2020 Pavel Valena - 1:6.0.3.3-1 - Update to actionmailer 6.0.3.3. Resolves: rhbz#1877505 --------------------------------------------------------------------------------References: [ 1 ] Bug #1831529 - CVE-2020-5267 rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1831529 [ 2 ] Bug #1852381 - CVE-2020-8185 rubygem-rails: untrusted users able to run pending migrations in production [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1852381 [ 3 ] Bug #1877568 - CVE-2020-15169 rubygem-actionview: rubygem-activeview: Cross-site scripting in translation helpers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1877568 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-4dd34860a3' at the command line. For more information, refer to the dnfdocumentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Oct 04, 2020
Fedora
89
security advisorymoderatesecurity updateFedora 30 FEDORA-2019-1cfe24db5c Moderate: Actionmailer Exec Flaws
Update Ruby on Rails to 5.2.3. Fixes CVE-2019-5418 CVE-2019-5419 CVE-2019-5420.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-1cfe24db5c 2019-05-10 00:46:38.157347 --------------------------------------------------------------------------------Name : rubygem-actionmailer Product : Fedora 30 Version : 5.2.3 Release : 1.fc30 URL : https://rubyonrails.org/ Summary : Email composition, delivery, and receiving framework (part of Rails) Description : Email on Rails. Compose, deliver, receive, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments. --------------------------------------------------------------------------------Update Information: Update Ruby on Rails to 5.2.3. Fixes CVE-2019-5418 CVE-2019-5419 CVE-2019-5420. --------------------------------------------------------------------------------ChangeLog: * Thu Mar 28 2019 Pavel Valena - 1:5.2.3-1 - Update to Action Mailer 5.2.3. * Thu Mar 14 2019 Pavel Valena - 1:5.2.2.1-1 - Update to Action Mailer 5.2.2.1. --------------------------------------------------------------------------------References: [ 1 ] Bug #1689161 - CVE-2019-5418 CVE-2019-5419 rubygem-actionview: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1689161 [ 2 ] Bug #1689155 - CVE-2019-5420 rubygem-rails: Weak secret token leading to possible code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1689155 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-1cfe24db5c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys usedby the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 09, 2019
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!