/[advisories]/10497.adv

Diff of /10497.adv

-revision 157 by claire,
Sun Jul  7 12:34:59 2013 UTC
+revision 167 by tmb,
Tue Jul  9 18:26:08 2013 UTC
 Line 7 
 src:
     core:
       - rubygem-passenger-3.0.21-2.mga3
  description: |
-   Phusion Passenger’s code did not always create temporary files and directories
+   Phusion Passengers code did not always create temporary files and directories
    in a secure manner. Temporary files and directories were sometimes created
    with a predictable filename. A local attacker can pre-create temporary files,
    resulting in a denial of service. In addition, this vulnerability allows a
 Line 15 
 description: |
    files (CVE-2013-2119).
    The rubygem-passenger package has been upgraded to version 3.0.21, which fixes
-   this issue, as well as many others although at the moment has some issues
+   this issue, as well as many others although at the moment has further issues
-   which will be fixed with a further update (mga#10728).
+   which will be fixed with another update (mga#10728).
  references:
   - http://blog.phusion.nl/2013/05/29/phusion-passenger-3-0-21-released/
   - http://blog.phusion.nl/2013/05/29/phusion-passenger-4-0-5-released/
   - https://lists.fedoraproject.org/pipermail/package-announce/2013-June/108443.html
+  - https://bugs.mageia.org/show_bug.cgi?id=10728
   - https://bugs.mageia.org/show_bug.cgi?id=10497
+ ID: MGASA-2013-0205

 Legend:



Removed from v.157
 


changed lines


 
Added in v.167
 Legend:



Removed from v.157
 


changed lines


 
Added in v.167
-Removed from v.157
+Added in v.167

	ViewVC Help
Powered by ViewVC 1.1.30