[go: up one dir, main page]
|
|
Log in / Subscribe / Register

rubygem-passenger: insecure temporary directory usage

Package(s):rubygem-passenger CVE #(s):CVE-2013-4136
Created:July 31, 2013 Updated:August 23, 2013
Description: From the Red Hat bugzilla:

It was reported [1],[2] that Phusion Passenger would reuse existing server instance directories (temporary directories) which could cause Passenger to remove or overwrite files belonging to other instances. This has been corrected in upstream version 4.0.8 via two fixes (the initial fix and a regression fix; both are required to fully fix the issue). This is an issue similar to CVE-2013-2119.

Alerts:
Mageia MGASA-2013-0253 rubygem-passenger 2013-08-22
Red Hat RHSA-2013:1136-01 rubygem-passenger 2013-08-05
Fedora FEDORA-2013-13297 rubygem-passenger 2013-07-30
Fedora FEDORA-2013-13234 rubygem-passenger 2013-07-30
Fedora FEDORA-2013-13231 rubygem-passenger 2013-07-30
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds