rubygem-bundler-1.7.8-3.el7, rubygem-thor-0.19.1-1.el7

エラータID: AXSA:2015-789:01

リリース日:

2015/11/26 Thursday - 16:33

題名:

影響のあるチャネル:

Asianux Server 7 for x86_64

Severity:

Moderate

Description:

rubygem-bundler
Bundler manages an application's dependencies through its entire life, across
many machines, systematically and repeatably

rubygem-thor
Thor is a scripting framework that replaces rake, sake and rubigen.

Security issues fixed with this release:

CVE-2013-0334
Bundler before 1.7, when multiple top-level source lines are used,
allows remote attackers to install arbitrary gems by creating a gem
with the same name as another gem in a different source.

* Fixed bugs:

Bundler has been upgraded to upstream version 1.7.8 and Thor has been
upgraded to upstream version 1.19.1, both of which provide a number of bug
fixes and enhancements over the previous versions.

解決策:

Update packages.

CVE:

CVE-2013-0334
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source.

追加情報:

N/A

ダウンロード:

SRPMS

rubygem-bundler-1.7.8-3.el7.src.rpm
MD5: d574a303efebe8a7900fb271ca657ab8
SHA-256: 50884e2184c54ac98465a5215521b867638b5ae9e32ef520c36222919e382797
Size: 303.44 kB
rubygem-thor-0.19.1-1.el7.src.rpm
MD5: ea41e540327a9c25f9d40e2d0a3df77a
SHA-256: d3ddfe50365019dee97af9891f139c1341e5dd5fd3449f056315a36b35dbd3f2
Size: 92.96 kB

Asianux Server 7 for x86_64

rubygem-bundler-1.7.8-3.el7.noarch.rpm
MD5: ecfc157153a14343ac37cfaef104c023
SHA-256: becb13c7ff30a91cf95046f181b0dca720942fe06122a4a9b593122e9dbc29f3
Size: 145.79 kB
rubygem-thor-0.19.1-1.el7.noarch.rpm
MD5: 188ae2e5dab4ae1148f2ff6445841801
SHA-256: 43b426cf78879de10bf56a3881688512c7a50055449472b9f23ecaa57fe4d2a4
Size: 51.11 kB

Main menu

You are here

rubygem-bundler-1.7.8-3.el7, rubygem-thor-0.19.1-1.el7