[SECURITY] Fedora 19 Update: rubygem-will_paginate-3.0.4-5.fc19
updates at fedoraproject.org
updates at fedoraproject.org
Tue Jan 21 05:52:47 UTC 2014
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-0094
2014-01-03 07:38:06
--------------------------------------------------------------------------------
Name : rubygem-will_paginate
Product : Fedora 19
Version : 3.0.4
Release : 5.fc19
URL : http://github.com/mislav/will_paginate
Summary : Most awesome pagination solution for Rails
Description :
The will_paginate library provides a simple, yet powerful and extensible API
for ActiveRecord pagination and rendering of pagination links in ActionView
templates.
--------------------------------------------------------------------------------
Update Information:
Fix XSS vulnerabilities (CVE-2013-6459).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 10 2014 Vít Ondruch <vondruch at redhat.com> - 3.0.4-5
- Fix XSS vulnerabilities (CVE-2013-6459) (add one more patch pointed out in
the associated bug).
* Thu Jan 2 2014 Vít Ondruch <vondruch at redhat.com> - 3.0.4-2
- Fix XSS vulnerabilities (CVE-2013-6459).
- Disable Sequel test, since Sequel 4.x does not seem to be supported by
will_paginate yet.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1046642 - CVE-2013-6459 rubygem-will_paginate: XSS vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1046642
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update rubygem-will_paginate' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list