Article Source Fedora 10 Security Updates
December 9, 2009, 7:28 pm
Resolved Bugs
542786 – rubygem-actionpack: XSS weakness in strip_tags
544329 – rubygem-actionpack: Potential CSRF protection circumvention
Two security issues were found in actionpack as shipped on Fedora 10. The first is a weakness in the strip_tags function in Ruby on Rails (bug 542786, CVE-2009-4214). The second is a possible way to circumvent the protection against cross-site request forgery (CSRF) attacks (bug 544329). This new rpm will fix these issues…