-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-10484 2009-10-14 00:49:00 --------------------------------------------------------------------------------
Name : rubygem-rails Product : Fedora 11 Version : 2.3.2 Release : 5.fc11 URL : http://www.rubyonrails.org Summary : Web-application framework Description : Rails is a framework for building web-application using CGI, FCGI, mod_ruby, or WEBrick on top of either MySQL, PostgreSQL, SQLite, DB2, SQL Server, or Oracle with eRuby- or Builder-based templates. -------------------------------------------------------------------------------- Update Information: - Fixes CVE-2009-3009 - Downgrade to Rails 2.3.2 to avoid update issues for existing applications -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 7 2009 David Lutterkort <[email protected]> - 1:2.3.2-5 - Remove geminstdir/guides from files; it's not in 2.3.2 * Wed Oct 7 2009 David Lutterkort <[email protected]> - 1:2.3.2-4 - Bump epoch; rails is not updatable across versions (bz 520843) * Wed Sep 30 2009 David Lutterkort <[email protected]> - 2.3.3-4 - Restore fix for bz 496480 * Sun Sep 27 2009 Mamoru Tasaka <[email protected]> - 2.3.3-3 - Force rebuild * Wed Aug 12 2009 Jeroen van Meeuwen <[email protected]> - 2.3.3-2 - Don't delete zero-length files (#496480, mtasaka) * Sun Jul 26 2009 Jeroen van Meeuwen <[email protected]> - 2.3.3-1 - New upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #520843 - CVE-2009-3009 ruby-activesupport: XSS vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=520843 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-rails' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list [email protected] http://www.redhat.com/mailman/listinfo/fedora-package-announce
