Hello community, here is the log from the commit of package patchinfo.1299 for openSUSE:12.1:Update checked in at 2013-02-12 09:54:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.1:Update/patchinfo.1299 (Old) and /work/SRC/openSUSE:12.1:Update/.patchinfo.1299.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.1299", Maintainer is "" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="1299"> <packager>darix</packager> <category>security</category> <rating>important</rating> <summary>ruby on rails security update to 2.3.16</summary> <description> This update updates the RubyOnRails 2.3 stack to 2.3.16, also this update updates the RubyOnRails 3.2 stack to 3.2.11. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed. CVE-2012-2695: A SQL injection via nested hashes in conditions was fixed. CVE-2013-0155: Unsafe Query Generation Risk in Ruby on Rails was fixed. CVE-2013-0156: Multiple vulnerabilities in parameter parsing in Action Pack were fixed. </description> <issue tracker="bnc" id="766792"/> <issue tracker="bnc" id="775649"/> <issue tracker="bnc" id="775653"/> <issue tracker="bnc" id="796712"/> <issue tracker="bnc" id="797449"/> <issue tracker="bnc" id="797452"/> <issue tracker="bnc" id="798452"/> <issue tracker="bnc" id="798458"/> <issue tracker="bnc" id="800320"/> <issue tracker="cve" id="CVE-2012-2695"/> <issue tracker="cve" id="CVE-2012-5664"/> <issue tracker="cve" id="CVE-2013-0155"/> <issue tracker="cve" id="CVE-2013-0156"/> <issue tracker="cve" id="CVE-2013-0333"/> </patchinfo> -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
