FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

rails -- multiple vulnerabilities

Affected packages
rubygem-actionmailer < 3.2.16
rubygem-actionpack < 3.2.16
rubygem-activemodel < 3.2.16
rubygem-activerecord < 3.2.16
rubygem-activeresource < 3.2.16
rubygem-activesupport < 3.2.16
rubygem-rails < 3.2.16
rubygem-railties < 3.2.16
rubygem-actionpack4 < 4.0.2
rubygem-activesupport4 < 4.0.2

Details

VuXML ID 6a806960-3016-44ed-8575-8614a7cb57c7
Discovery 2013-12-03
Entry 2013-12-08
Modified 2014-04-23

Rails weblog:

Rails 3.2.16 and 4.0.2 have been released! These two releases contain important security fixes, so please upgrade as soon as possible! In order to make upgrading as smooth as possible, we've only included commits directly related to each security issue.

The security fixes in 3.2.16 are:

The security fixes in 4.0.2 are:

References

CVE Name CVE-2013-4491
CVE Name CVE-2013-6414
CVE Name CVE-2013-6415
CVE Name CVE-2013-6416
CVE Name CVE-2013-6417
URL http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/