rails 1.2.5-1 source package in Ubuntu
Changelog
rails (1.2.5-1) unstable; urgency=high
* This is a new upstream release that addresses problems not
corrected in 1.2.4 or regressions.
+ to_json XSS [CVE-2007-3227] is really closed now
+ Potential Information Disclosure or DoS with Hash#from_xml
[CVE-2007-5379]
+ Session Fixation attacks. [CVE-2007-5380] URL based sessions are
now disabled by default. Session ids are only accepted from
cookies by default now.
[Micah Anderson]
* Urgency set to high due to security issues addressed
-- William Grant <email address hidden> Mon, 19 Nov 2007 10:11:03 +0000
Upload details
- Uploaded by:
- William Grant
- Uploaded to:
- Hardy
- Original maintainer:
- Adam Majer
- Architectures:
- all
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| rails_1.2.5.orig.tar.gz | 1.5 MiB | 352cd75d3727eaa7baa2a96c07b33162433af871aa1c1b49db341a9d2c4b1cb5 |
| rails_1.2.5-1.diff.gz | 26.8 KiB | c2484120076a11533f643b39aef5693b19aab8a010b74a54f1b9786b3f706812 |
| rails_1.2.5-1.dsc | 607 bytes | 6f6494ab863d849a397e916ffa6de5aef9bc66d4d22971781c2c9ddb11448f78 |
Binary packages built by this source
- rails: No summary available for rails in ubuntu hardy.
No description available for rails in ubuntu hardy.
