7 |
core: |
core: |
8 |
- rubygem-passenger-3.0.21-2.mga3 |
- rubygem-passenger-3.0.21-2.mga3 |
9 |
description: | |
description: | |
10 |
Phusion Passenger’s code did not always create temporary files and directories |
Phusion Passengers code did not always create temporary files and directories |
11 |
in a secure manner. Temporary files and directories were sometimes created |
in a secure manner. Temporary files and directories were sometimes created |
12 |
with a predictable filename. A local attacker can pre-create temporary files, |
with a predictable filename. A local attacker can pre-create temporary files, |
13 |
resulting in a denial of service. In addition, this vulnerability allows a |
resulting in a denial of service. In addition, this vulnerability allows a |
15 |
files (CVE-2013-2119). |
files (CVE-2013-2119). |
16 |
|
|
17 |
The rubygem-passenger package has been upgraded to version 3.0.21, which fixes |
The rubygem-passenger package has been upgraded to version 3.0.21, which fixes |
18 |
this issue, as well as many others although at the moment has some issues |
this issue, as well as many others although at the moment has further issues |
19 |
which will be fixed with a further update (mga#10728). |
which will be fixed with another update (mga#10728). |
20 |
references: |
references: |
21 |
- http://blog.phusion.nl/2013/05/29/phusion-passenger-3-0-21-released/ |
- http://blog.phusion.nl/2013/05/29/phusion-passenger-3-0-21-released/ |
22 |
- http://blog.phusion.nl/2013/05/29/phusion-passenger-4-0-5-released/ |
- http://blog.phusion.nl/2013/05/29/phusion-passenger-4-0-5-released/ |
23 |
- https://lists.fedoraproject.org/pipermail/package-announce/2013-June/108443.html |
- https://lists.fedoraproject.org/pipermail/package-announce/2013-June/108443.html |
24 |
|
- https://bugs.mageia.org/show_bug.cgi?id=10728 |
25 |
- https://bugs.mageia.org/show_bug.cgi?id=10497 |
- https://bugs.mageia.org/show_bug.cgi?id=10497 |
26 |
|
ID: MGASA-2013-0205 |