subject:"Bug#558685\: some more information and patch on rails issues"

Bug#558685: some more information and patch on rails issues

2010-01-30 Thread Micah Anderson

* Steffen Joeris steffen.joe...@skolelinux.de [2010-01-30 17:13-0500]: Hi Adam These issues have been assigned CVE ids, see below: CVE-2009-4214[0]: | Cross-site scripting (XSS) vulnerability in the strip_tags function in | Ruby on Rails before 2.2.s, and 2.3.x before 2.3.5, allows remote

Bug#558685: some more information and patch on rails issues

2009-12-24 Thread Steffen Joeris

Hi Adam These issues have been assigned CVE ids, see below: CVE-2009-4214[0]: | Cross-site scripting (XSS) vulnerability in the strip_tags function in | Ruby on Rails before 2.2.s, and 2.3.x before 2.3.5, allows remote | attackers to inject arbitrary web script or HTML via vectors involving |