You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa rubygem-sprockets

Sigurnosni nedostatak programskog paketa rubygem-sprockets

by ncert - 0

——————————————————————————–
Fedora Update Notification
FEDORA-2014-15489
2014-11-20 22:04:35
——————————————————————————–

Name : rubygem-sprockets
Product : Fedora 20
Version : 2.8.2
Release : 5.fc20
URL : http://getsprockets.org/
Summary : Rack-based asset packaging system
Description :
Sprockets is a Rack-based asset packaging system that concatenates and serves
JavaScript, CoffeeScript, CSS, LESS, Sass, and SCSS.

——————————————————————————–
Update Information:

Contains fix for CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure
——————————————————————————–
ChangeLog:

* Tue Nov 18 2014 Josef Stribny <jstribny@redhat.com> – 2.8.2-5
– Fix CVE-2014-7819 (rhbz#1164331)
——————————————————————————–
References:

[ 1 ] Bug #1161527 – CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1161527
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update rubygem-sprockets’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2014-15413
2014-11-20 08:43:33
——————————————————————————–

Name : rubygem-sprockets
Product : Fedora 21
Version : 2.12.1
Release : 3.fc21
URL : http://getsprockets.org/
Summary : Rack-based asset packaging system
Description :
Sprockets is a Rack-based asset packaging system that concatenates and serves
JavaScript, CoffeeScript, CSS, LESS, Sass, and SCSS.

——————————————————————————–
Update Information:

Contains fix for CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure
——————————————————————————–
ChangeLog:

* Tue Nov 18 2014 Josef Stribny <jstribny@redhat.com> – 2.12.1-3
– Fix CVE-2014-7819 (rhbz#1164331)
——————————————————————————–
References:

[ 1 ] Bug #1161527 – CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1161527
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update rubygem-sprockets’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

ncert
Top
More in Preporuke
Ranjivost programske biblioteke libvirt

Otkrivene su tri ranjivosti programske biblioteke libvirt za Fedoru. Ranjivosti udaljenim autenticiranim korisnicima omogućuju izazvanje DoS stanja te pribavljanje VNC...

Close