You are here
Home > Preporuke > Sigurnosni propust programskog paketa rubygem-passenger

Sigurnosni propust programskog paketa rubygem-passenger

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2015-1151
2015-01-25 23:44:47
——————————————————————————–

Name : rubygem-passenger
Product : Fedora 20
Version : 4.0.53
Release : 3.fc20
URL : https://www.phusionpassenger.com
Summary : Phusion Passenger application server
Description :
Phusion Passenger® is a web server and application server, designed to be fast,
robust and lightweight. It takes a lot of complexity out of deploying web apps,
adds powerful enterprise-grade features that are useful in production,
and makes administration much easier and less complex. It supports Ruby,
Python, Node.js and Meteor.

——————————————————————————–
Update Information:

build for f20 (#1058993)
——————————————————————————–
ChangeLog:

* Mon Dec 15 2014 Brett Lentz <blentz@redhat.com> – 4.0.53-3
– build for f20 (#1058993)
* Thu Nov 20 2014 Jan Kaluza <jkaluza@redhat.com> – 4.0.53-2
– get agents_dir from locations.ini
* Fri Oct 3 2014 Jan Kaluza <jkaluza@redhat.com> – 4.0.53-1
– update to version 4.0.53
* Wed Sep 24 2014 Jan Kaluza <jkaluza@redhat.com> – 4.0.50-2
– remove old BuildRequires and tmpfiles.d conditions
* Mon Sep 15 2014 Jan Kaluza <jkaluza@redhat.com> – 4.0.50-1
– update to new version 4.0.50
* Tue May 13 2014 Jan Kaluza <jkaluza@redhat.com> – 4.0.38-1
– renamed from rubygem-passenger to passenger
– changed the packaging structure to be closer to upstream
– update to 4.0.38 (#1060106)
– fix for CVE-2014-1831 and CVE-2014-1832
– use real commands without macros
– do not bundle libeio
* Thu Jan 23 2014 Joe Orton <jorton@redhat.com> – 4.0.18-5
– fix _httpd_mmn expansion in absence of httpd-devel
* Thu Nov 14 2013 Jan Kaluza <jkaluza@redhat.com> – 4.0.18-4
– load native library from proper path
* Thu Oct 31 2013 Jan Kaluza <jkaluza@redhat.com> – 4.0.18-3
– fix #1021940 – add locations.ini with proper Fedora locations
——————————————————————————–
References:

[ 1 ] Bug #1058993 – rubygem-passenger: insecure use of temporary files [fedora-20]
https://bugzilla.redhat.com/show_bug.cgi?id=1058993
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update rubygem-passenger’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

AutorTomislav Protega
Cert idNCERT-REF-2015-02-0015-ADV
CveCVE-2014-1831 CVE-2014-1832
ID izvornikaFEDORA-2015-1151
Proizvodrubygem-passenger
Izvorhttp://www.redhat.com
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa krb5

Otkriveni su sigurnosni nedostaci u programskom paketu krb5 za operacijski sustav Debian. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close