[DRE-maint] Bug#683370: CVE-2012-3424
Moritz Muehlenhoff
muehlenhoff at univention.de
Tue Jul 31 08:04:14 UTC 2012
Package: ruby-actionpack-3.2
Severity: grave
Tags: security
Please see
https://groups.google.com/forum/?fromgroups#!topic/rubyonrails-security/vxJjrc15qYM
http://weblog.rubyonrails.org/2012/7/26/ann-rails-3-2-7-has-been-released/
Stable should not be affected.
The fix is here:
https://github.com/rails/rails/commit/27311fef5efa598f281649074255834546d2b4ec
Please upload an isolated fix for sid and ask for an unblock request.
Cheers,
Moritz
More information about the Pkg-ruby-extras-maintainers
mailing list