--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-10484
2009-10-14 00:49:00
--------------------------------------------------------------------------------
Name : rubygem-activeresource
Product : Fedora 11
Version : 2.3.2
Release : 2.fc11
URL : https://rubyonrails.org/
Summary : Active Record for web resources
Description :
Wraps web resources in model classes that can be manipulated through XML over
REST.
--------------------------------------------------------------------------------
Update Information:
- Fixes CVE-2009-3009 - Downgrade to Rails 2.3.2 to avoid update issues for
existing applications
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 7 2009 David Lutterkort - 1:2.3.2-2
- Bump epoch; rails is not updatable across versions (bz 520843)
* Sun Sep 27 2009 Mamoru Tasaka - 2.3.3-2
- Force rebuild
* Sun Jul 26 2009 Jeroen van Meeuwen - 2.3.3-1
- New upstream version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #520843 - CVE-2009-3009 ruby-activesupport: XSS vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=520843
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update rubygem-activeresource' at the command line.
For more information, refer to "Managing Software with yum",
available at .
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce