blob: 8c8809d3f2aac54a979943399df604440b26f907 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>It was discovered that there was a discovered a path traversal flaw
in ruby-sprockets, a Rack-based asset packaging system. A remote
attacker could take advantage of this flaw to read arbitrary files
outside an application's root directory via "file://" requests.</p>
<p>For Debian 8 <q>Jessie</q>, this issue has been fixed in ruby-sprockets version
2.12.3-1+deb8u1.</p>
<p>We recommend that you upgrade your ruby-sprockets packages.</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/lts/security/2018/dla-1419.data"
# $Id: $
|
