FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

rubygem-rails -- session-fixation vulnerability

Affected packages
rubygem-rails < 1.2.6

Details

VuXML ID 30acb8ae-9d46-11dc-9114-001c2514716c
Discovery 2007-11-24
Entry 2007-11-27

Rails core team reports:

The rails core team has released ruby on rails 1.2.6 to address a bug in the fix for session fixation attacks (CVE-2007-5380). The CVE Identifier for this new issue is CVE-2007-6077.

References

CVE Name CVE-2007-6077