FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

rails -- multiple vulnerabilities

Affected packages
	rubygem-actionpack	<	3.2.22.2
	rubygem-actionpack4	<	4.2.5.2
	rubygem-actionview	<	4.2.5.2
	rubygem-rails	<	3.2.22.2
	rubygem-rails4	<	4.2.5.2

Details

VuXML ID	5a016dd0-8aa8-490e-a596-55f4cc17e4ef
Discovery	2016-02-29
Entry	2016-03-06

Ruby on Rails blog:

Rails 4.2.5.2, 4.1.14.2, and 3.2.22.2 have been released! These contain the following important security fixes, and it is recommended that users upgrade as soon as possible.

[source]

References

CVE Name	CVE-2016-2097
CVE Name	CVE-2016-2098
URL	http://weblog.rubyonrails.org/2016/2/29/Rails-4-2-5-2-4-1-14-2-3-2-22-2-have-been-released/
URL	https://groups.google.com/d/msg/rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ
URL	https://groups.google.com/d/msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ