Ubuntu
ruby-actionpack-3.2 package

  1. Bug #1100162
  2. Comment #5

Comment 5 for bug 1100162

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ruby-actionpack-3.2 - 3.2.6-4ubuntu0.1

---------------
ruby-actionpack-3.2 (3.2.6-4ubuntu0.1) quantal-security; urgency=low

  * SECURITY UPDATE: Unsafe Query Generation Risk in Ruby on Rails
    (LP: #1100162)
    - debian/patches/CVE-2013-0155: Strip nils from collections on JSON and
      XML posts. Based on upstream patch.
    - CVE-2013-0155
 -- Christian Kuersteiner <email address hidden> Wed, 16 Jan 2013 14:20:55 +0700