Path to this page:
Subject: CVS commit: pkgsrc/www/ruby-actionpack
From: Takahiro Kambe
Date: 2011-08-17 16:13:32
Message id: 20110817141332.33FB6175DD@cvs.netbsd.org
Log Message:
Update ruby-actionpack package to 2.3.14:
2.3.14:
Security Fix:
1. The code in Ruby on Rails 2.3 which sets the response content type
performs insufficient sanitization of the values provided. This
means that applications which let the user provide an arbitrary
Content-Type header for the response are vulnerable to response
splitting attacks.
2. The strip_tags helper in Ruby on Rails is designed to remove all
HTML tags from a string. By using specially crafted values an
attacker can confuse the parser and cause HTML tags to be injected
into the response. This can be exploited to inject arbitrary
javascript into the rendered page.
Future releases of Ruby on Rails are likely to replace the current
HTML tokenizer with one provided by libxml to reduce the likelihood
of errors such as these in the future. In the meantime users can
install the loofah gem[1] which should enhance both the performance
and reliability of the HTML sanitization helpers.
Files: