*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Seth Arnold (seth-arnold):
This critical security patch has been out for a little over a week but there has been no corresponding update to Ubuntu's packages. I suspect it might have been missed. Here is an excerpt from the Rails blog: "I'd like to announce that 3.2.11, 3.1.10, 3.0.19, and 2.3.15 have been released. These releases contain two extremely critical security fixes so please update IMMEDIATELY. "You can read about the security fixes by following these links: " CVE-2013-0155 [https://groups.google.com/group/rubyonrails-security/browse_thread/thread/b75585bae4326af2] " CVE-2013-0156 [https://groups.google.com/group/rubyonrails-security/browse_thread/thread/eb56e482f9d21934]"; Hopefully this is the right place to report this. ** Affects: ruby-rails-2.3 (Ubuntu) Importance: Undecided Status: New -- Upgrade to 2.3.15 for "extremely critical security fixes" (CVE-2013-0155) and (CVE-2013-0156) https://bugs.launchpad.net/bugs/1100590 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
