SUSE update for rubygem-json_pure

by Carol~ Moderator - 4/4/13 8:08 AM

In Reply to: VULNERABILITIES / FIXES - April 04, 2013 by Carol~ Moderator

Release Date : 2013-04-04

Criticality level : Moderately critical
Impact : Security Bypass
Where : From remote
Solution Status: Vendor Patch

Software:
SUSE Studio Extension for System z 1.x
SUSE Studio Standard Edition 1.x
WebYaST 1.x

Description:
SUSE has issued an update for rubygem-json_pure. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
SUSE-SU-2013:0609-1:
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00001.html

http://secunia.com/advisories/52899/