User: Password:
Subscribe / Log in / New account

rubygem-actionmailer: denial of service

Package(s):rubygem-actionmailer-3_2 CVE #(s):CVE-2013-4389
Created:December 23, 2013 Updated:March 27, 2014
Description: From the CVE entry:

Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of service via a crafted e-mail address that is improperly handled during construction of a log message.

Debian DSA-2888-1 ruby-actionpack-3.2 2014-03-27
Debian DSA-2887-1 ruby-actionmailer-3.2 2014-03-27
Fedora FEDORA-2014-0970 rubygem-activesupport 2014-01-24
Fedora FEDORA-2014-0970 rubygem-actionpack 2014-01-24
Fedora FEDORA-2014-0970 rubygem-actionmailer 2014-01-24
openSUSE openSUSE-SU-2014:0009-1 rubygem-actionpack-3_2 2014-01-03
openSUSE openSUSE-SU-2013:1931-1 rubygem-activesupport-3_2 2013-12-23
openSUSE openSUSE-SU-2013:1928-1 rubygem-actionmailer-3_2 2013-12-23

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds