SUSE-SU-2016:0435-1

Import Source

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2016:0435-1

Related

Published

2016-02-11T16:47:38Z

Modified

2016-02-11T16:47:38Z

Summary

Security update for rubygem-activesupport-4_2

Details

This update for rubygem-activesupport-4_2 fixes the following issues:

CVE-2015-7576: Timing attack vulnerability in basic authentication in Action Controller (bsc#963329)
CVE-2016-0753: Input Validation Circumvention (bsc#963334)

References

Affected packages

Name: rubygem-activesupport-4_2
Purl: purl:rpm/suse/rubygem-activesupport-4_2&distro=SUSE%20Enterprise%20Storage%202.1

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2.2-6.1

{
    "binaries": [
        {
            "ruby2.1-rubygem-activesupport-4_2": "4.2.2-6.1"
        }
    ]
}