openSUSE Security Update : RubyOnRails (openSUSE-SU-2013:0338-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The Ruby on Rails 2.3 stack was updated to 2.3.17. The Ruby on Rails
3.2 stack was updated to 3.2.12.

The Ruby Rack was updated to 1.1.6. The Ruby Rack was
updated to 1.2.8. The Ruby Rack was updated to 1.3.10. The
Ruby Rack was updated to 1.4.5.

The updates fix various security issues and bugs.

- update to version 2.3.17 (bnc#803336, bnc#803339)
CVE-2013-0276 CVE-2013-0277 :

- update to version 3.2.12 (bnc#803336) CVE-2013-0276 :

- update to version 3.2.12 (bnc#803336) CVE-2013-0276:
issue with attr_protected where malformed input could
circumvent protection

- update to version 2.3.17 (bnc#803336, bnc#803339)
CVE-2013-0276 CVE-2013-0277 :

- Fix issue with attr_protected where malformed input
could circumvent protection

- Fix Serialized Attributes YAML Vulnerability

- update to version 2.3.17 (bnc#803336, bnc#803339)
CVE-2013-0276 CVE-2013-0277 :

- Fix issue with attr_protected where malformed input
could circumvent protection

- Fix Serialized Attributes YAML Vulnerability

- update to version 3.2.12 (bnc#803336) CVE-2013-0276 :

- Quote numeric values being compared to non-numeric
columns. Otherwise, in some database, the string column
values will be coerced to a numeric allowing 0, 0.0 or
false to match any string starting with a non-digit.

- update to 1.1.6 (bnc#802794)

- Fix CVE-2013-0263, timing attack against
Rack::Session::Cookie

- update to 1.2.8 (bnc#802794)

- Fix CVE-2013-0263, timing attack against
Rack::Session::Cookie

- update to 1.3.10 (bnc#802794)

- Fix CVE-2013-0263, timing attack against
Rack::Session::Cookie

- ruby rack update to 1.4.5 (bnc#802794 bnc#802795)

- Fix CVE-2013-0263, timing attack against
Rack::Session::Cookie

- Fix CVE-2013-0262, symlink path traversal in Rack::File

- ruby rack update to 1.4.4 (bnc#798452)

- [SEC] Rack::Auth::AbstractRequest no longer symbolizes
arbitrary strings (CVE-2013-0184)

- ruby rack changes from 1.4.3

- Security: Prevent unbounded reads in large multipart
boundaries (CVE-2013-0183)

- ruby rack changes from 1.4.2 (CVE-2012-6109)

- Add warnings when users do not provide a session secret

- Fix parsing performance for unquoted filenames

- Updated URI backports

- Fix URI backport version matching, and silence constant
warnings

- Correct parameter parsing with empty values

- Correct rackup '-I' flag, to allow multiple uses

- Correct rackup pidfile handling

- Report rackup line numbers correctly

- Fix request loops caused by non-stale nonces with time
limits

- Fix reloader on Windows

- Prevent infinite recursions from Response#to_ary

- Various middleware better conforms to the body close
specification

- Updated language for the body close specification

- Additional notes regarding ECMA escape compatibility
issues

- Fix the parsing of multiple ranges in range headers

- Prevent errors from empty parameter keys

- Added PATCH verb to Rack::Request

- Various documentation updates

- Fix session merge semantics (fixes rack-test)

- Rack::Static :index can now handle multiple directories

- All tests now utilize Rack::Lint (special thanks to Lars
Gierth)

- Rack::File cache_control parameter is now deprecated,
and removed by 1.5

- Correct Rack::Directory script name escaping

- Rack::Static supports header rules for sophisticated
configurations

- Multipart parsing now works without a Content-Length
header

- New logos courtesy of Zachary Scott!

- Rack::BodyProxy now explicitly defines #each, useful for
C extensions

- Cookies that are not URI escaped no longer cause
exceptions

See also :

http://lists.opensuse.org/opensuse-updates/2013-02/msg00071.html
https://bugzilla.novell.com/show_bug.cgi?id=798452
https://bugzilla.novell.com/show_bug.cgi?id=802794
https://bugzilla.novell.com/show_bug.cgi?id=802795
https://bugzilla.novell.com/show_bug.cgi?id=803336
https://bugzilla.novell.com/show_bug.cgi?id=803339

Solution :

Update the affected RubyOnRails packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 74900 ()

Bugtraq ID:

CVE ID: CVE-2012-6109
CVE-2013-0183
CVE-2013-0184
CVE-2013-0262
CVE-2013-0263
CVE-2013-0276
CVE-2013-0277

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now