Summary: | <dev-ruby/rails-2.3.12: Potential XSS Vulnerability in Ruby on Rails Applications (CVE-2011-2197) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hans de Graaff <graaff> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | alexanderyt, ruby |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://weblog.rubyonrails.org/2011/6/8/potential-xss-vulnerability-in-ruby-on-rails-applications | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 372391 | ||
Bug Blocks: |
Description
Hans de Graaff
2011-06-09 07:35:14 UTC
Status update: rails 2.3.12 has been in the tree for a while. 3.0.8 still pending. Thank you, Hans. Can we stabilize 2.3.12? (In reply to comment #2) > Thank you, Hans. Can we stabilize 2.3.12? I think so. I've filed a separate bug for it since it requires some explanation and that bug can also serve as a focus point for any discussion on the stabilization. Rails 3.0.9 is now also in the tree (note that all 3.0.x versions are still marked ~) Stabilization completed via bug 372391. Closing noglsa for xss. |