rubygems-2.0.10-106.fc19 security update
|Date Submitted:||2013-09-25 01:07:51|
|Date Released:||2013-09-26 04:50:37|
Previously a security flow was found on rubygems for validating versions with a regular expression which is vulnerable to denial of service due to backtracking. Although this was thought to be fixed in the previous rubygems, the fix was found imcomplete and the imcompleteness is now assigned as CVE-2013-4363.
A packaging bug was found that a directory was not properly owned.
This new rpm will fix this issue.Bugs Fixed1008866 - /usr/share/gems/doc ownershipbodhi - 2013-09-25 01:07:59This update has been submitted for testing by mtasaka.
bodhi - 2013-09-25 15:24:48This update is currently being pushed to the Fedora 19 testing updates repository.
bodhi - 2013-09-26 06:27:11This update has been pushed to testing
besser82 - 2013-09-28 18:49:34LGTM :)
bodhi - 2013-10-03 07:38:48This update has been submitted for stable by mtasaka.
bodhi - 2013-10-03 17:46:12This update is currently being pushed to the Fedora 19 stable updates repository.
bodhi - 2013-10-04 02:00:59This update has been pushed to stable