Security update for rubygem-activerecord-2_3 and rubygem-activesupport-2_3

SUSE Security Update: Security update for rubygem-activerecord-2_3 and rubygem-activesupport-2_3
Announcement ID: SUSE-SU-2014:0430-4
Rating: low
References: #864873
Affected Products:
  • SUSE Linux Enterprise Software Development Kit 11 SP3
  • SUSE Cloud 2.0

  • An update that contains security fixes can now be installed.

    Description:


    Various Ruby gems were released where the unpacked tree was
    patched for the current security issues, but the included
    gem file (gem archive) was not adjusted.

    This update rolls the current updates to also contain the
    fixes in the .gem files.

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Software Development Kit 11 SP3:
      zypper in -t patch sdksp3-rails-fixgem-201402-8995
    • SUSE Cloud 2.0:
      zypper in -t patch sleclo20sp3-rails-fixgem-201402-8995

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64):
    • rubygem-activerecord-2_3-2.3.17-0.13.1
    • rubygem-activesupport-2_3-2.3.17-0.13.1
    • SUSE Cloud 2.0 (x86_64):
    • rubygem-activerecord-2_3-2.3.17-0.13.1
    • rubygem-activesupport-2_3-2.3.17-0.13.1

    References:

    • https://bugzilla.novell.com/864873
    • http://download.suse.com/patch/finder/?keywords=3610d5fab7c3f103da2b40b9185f004b