[SECURITY] Fedora 23 Update: rubygem-rest-client-1.8.0-1.fc23
updates at fedoraproject.org
updates at fedoraproject.org
Thu Aug 27 18:31:37 UTC 2015
--------------------------------------------------------------------------------
Fedora Update Notification
None
2015-08-27 17:56:49.069690
--------------------------------------------------------------------------------
Name : rubygem-rest-client
Product : Fedora 23
Version : 1.8.0
Release : 1.fc23
URL : https://github.com/rest-client/rest-client
Summary : Simple HTTP and REST client for Ruby
Description :
A simple HTTP and REST client for Ruby, inspired by the Sinatra microframework
style of specifying actions: get, put, post, delete.
--------------------------------------------------------------------------------
Update Information:
Update to rest-client 1.8.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1239952 - rubygem-rest-client: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1239952
[ 2 ] Bug #1205294 - CVE-2015-1820 rubygem-rest-client: session fixation vulnerability Set-Cookie headers present in an HTTP 30x redirection responses [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1205294
[ 3 ] Bug #1118692 - rubygem-rest-client-1.8.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1118692
[ 4 ] Bug #1240983 - CVE-2015-3448 rubygem-rest-client: unsanitized application logging [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1240983
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update rubygem-rest-client' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list