SUSE-SU-2016:0457-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:0457-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2016:0457-1
- Related
- Published
- 2016-02-15T13:25:35Z
- Modified
- 2016-02-15T13:25:35Z
- Summary
- Security update for rubygem-actionpack-4_2
- Details
-
This update for rubygem-actionpack-4_2 fixes the following issues:
- CVE-2016-0751: Object Leak DoS (bsc#963331)
- CVE-2015-7581: unbounded memory growth DoS via wildcard controller routes (bsc#963335)
- CVE-2016-0752: directory traversal and information leak in Action View (bsc#963332)
- CVE-2015-7576: Timing attack vulnerability in basic authentication in Action Controller (bsc#963329)
- References
-
- https://www.suse.com/support/update/announcement/2016/suse-su-20160457-1/
- https://bugzilla.suse.com/963329
- https://bugzilla.suse.com/963331
- https://bugzilla.suse.com/963332
- https://bugzilla.suse.com/963335
- https://www.suse.com/security/cve/CVE-2015-7576
- https://www.suse.com/security/cve/CVE-2015-7581
- https://www.suse.com/security/cve/CVE-2016-0751
- https://www.suse.com/security/cve/CVE-2016-0752