Mailinglist Archive: opensuse-security-announce (43 mails)

< Previous Next >
[security-announce] SUSE-SU-2013:0508-1: important: Security update for rubygem-merb-core
SUSE Security Update: Security update for rubygem-merb-core
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0508-1
Rating: important
References: #805759
Cross-References: CVE-2012-2695 CVE-2012-5664 CVE-2012-6109
CVE-2013-0155 CVE-2013-0156 CVE-2013-0183
CVE-2013-0184
Affected Products:
SUSE Cloud 1.0
______________________________________________________________________________

An update that fixes 7 vulnerabilities is now available.

Description:


rubygem-merb-core has been updated to change the rack
version dependency. Now any rack 1.1 version is accepted.

This update needs to be installed in parallel with the
2.3.17 rails update.

Security Issue references:

* CVE-2013-0184
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184
>
* CVE-2012-6109
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109
>
* CVE-2013-0183
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183
>
* CVE-2012-5664
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5664
>
* CVE-2012-2695
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2695
>
* CVE-2013-0155
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
>
* CVE-2013-0156
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156
>


Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 1.0:

zypper in -t patch sleclo10sp2-rubygem-merb-core-7405

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Cloud 1.0 (x86_64):

rubygem-merb-core-1.1.3-0.9.1


References:

http://support.novell.com/security/cve/CVE-2012-2695.html
http://support.novell.com/security/cve/CVE-2012-5664.html
http://support.novell.com/security/cve/CVE-2012-6109.html
http://support.novell.com/security/cve/CVE-2013-0155.html
http://support.novell.com/security/cve/CVE-2013-0156.html
http://support.novell.com/security/cve/CVE-2013-0183.html
http://support.novell.com/security/cve/CVE-2013-0184.html
https://bugzilla.novell.com/805759

http://download.novell.com/patch/finder/?keywords=fe3baf16da4284805596caf983f71fcc

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages