SUSE-SU-2013:0508-1: important: Security update for rubygem-merb-core
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Wed Mar 20 10:04:39 MDT 2013
SUSE Security Update: Security update for rubygem-merb-core
______________________________________________________________________________
Announcement ID: SUSE-SU-2013:0508-1
Rating: important
References: #805759
Cross-References: CVE-2012-2695 CVE-2012-5664 CVE-2012-6109
CVE-2013-0155 CVE-2013-0156 CVE-2013-0183
CVE-2013-0184
Affected Products:
SUSE Cloud 1.0
______________________________________________________________________________
An update that fixes 7 vulnerabilities is now available.
Description:
rubygem-merb-core has been updated to change the rack
version dependency. Now any rack 1.1 version is accepted.
This update needs to be installed in parallel with the
2.3.17 rails update.
Security Issue references:
* CVE-2013-0184
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184
>
* CVE-2012-6109
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109
>
* CVE-2013-0183
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183
>
* CVE-2012-5664
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5664
>
* CVE-2012-2695
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2695
>
* CVE-2013-0155
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
>
* CVE-2013-0156
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156
>
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Cloud 1.0:
zypper in -t patch sleclo10sp2-rubygem-merb-core-7405
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Cloud 1.0 (x86_64):
rubygem-merb-core-1.1.3-0.9.1
References:
http://support.novell.com/security/cve/CVE-2012-2695.html
http://support.novell.com/security/cve/CVE-2012-5664.html
http://support.novell.com/security/cve/CVE-2012-6109.html
http://support.novell.com/security/cve/CVE-2013-0155.html
http://support.novell.com/security/cve/CVE-2013-0156.html
http://support.novell.com/security/cve/CVE-2013-0183.html
http://support.novell.com/security/cve/CVE-2013-0184.html
https://bugzilla.novell.com/805759
http://download.novell.com/patch/finder/?keywords=fe3baf16da4284805596caf983f71fcc
More information about the sle-security-updates
mailing list