Fedora 10 Security Update: rubygem-actionpack-2.1.1-5.fc10

Article Source Fedora 10 Security Updates
December 9, 2009, 7:28 pm

Resolved Bugs
542786 – rubygem-actionpack: XSS weakness in strip_tags
544329 – rubygem-actionpack: Potential CSRF protection circumvention

Two security issues are found on activepack shipped on Fedora 10. One bug is that there is a weakness in the strip_tags function in ruby on rails (bug 542786, CVE-2009-4214). Another one is a possibility to circumvent protection against cross-site request forgery (CSRF) attacks (bug 544329). This new rpm will fix these issues…

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Achieving Log Centralization and Analysis with Open Source SIEM and XDR: UTMStack

RELATED ARTICLES MORE FROM AUTHOR