[SECURITY] Fedora 10 Update: rubygem-actionpack-2.1.1-2.fc10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-2149 2009-02-27 23:42:02 -------------------------------------------------------------------------------- Name : rubygem-actionpack Product : Fedora 10 Version : 2.1.1 Release : 2.fc10 URL : http://www.rubyonrails.org Summary : Web-flow and rendering framework putting the VC in MVC Description : Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser. -------------------------------------------------------------------------------- Update Information: CVE-2008-5189: CGI header injection vulnerability -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2009 Jeroen van Meeuwen <kanarip(a)fedoraproject.org&gt; - 2.1.1-2 - Fix CVE-2008-5189 -------------------------------------------------------------------------------- References: [ 1 ] Bug #472510 - CVE-2008-5189 rubygems-actionpack: redirect HTTP header injection vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=472510 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-actionpack' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------