thr3ads.net - Secure testing team - [Secure-testing-team] Bug#684454: ruby-actionpack-3.2: CVE-2012-3463 / CVE-2012-3464 / CVE-2012-3465 [Aug 2012]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Moritz Muehlenhoff

2012-Aug-10 07:22 UTC

[Secure-testing-team] Bug#684454: ruby-actionpack-3.2: CVE-2012-3463 / CVE-2012-3464 / CVE-2012-3465

Package: ruby-actionpack-3.2
Severity: grave
Tags: security
Justification: user security hole

Please see

CVE-2012-3465
http://www.openwall.com/lists/oss-security/2012/08/09/9


CVE-2012-3464
http://www.openwall.com/lists/oss-security/2012/08/09/10


CVE-2012-3463
http://www.openwall.com/lists/oss-security/2012/08/09/8

Since Wheezy is frozen, please use the isolated patches instead of updating to
3.2.8


Cheers,
        Moritz

Secure testing team - Aug 2012 - Bug#684454: ruby-actionpack-3.2: CVE-2012-3463 / CVE-2012-3464 / CVE-2012-3465

[Secure-testing-team] Bug#684454: ruby-actionpack-3.2: CVE-2012-3463 / CVE-2012-3464 / CVE-2012-3465