Description of problem: rubygem-actionmailer 2.1.1 is available and fixes a security issue, please update on all active branches; especially the EPEL ones. And for me it seems to work everywhere. Version-Release number of selected component (if applicable): rubygem-actionmailer-2.1.0-1 Expected results: rubygem-actionmailer-2.1.1-1 or newer on all active branches. Additional info: http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1 http://rails.lighthouseapp.com/projects/8994/tickets/964-fix-for-sql-injection-on-limit-and-offset-should-be-backported http://www.rorsecurity.info/2008/09/08/sql-injection-issue-in-limit-and-offset-parameter/
Other references: http://rails.lighthouseapp.com/projects/8994/tickets/288 Proposed patch: http://rails.lighthouseapp.com/attachments/25290/0001-adding-sql-injection-fixes-for-limit-and-offset.patch This issue affects all versions of rubygem-actionmailer package, as shipped within Fedora releases of 8, 9 and 10 and within the Extra Packages for Enterprise Linux (EPEL) project.
rubygem-activesupport-2.1.1-1.fc9,rubygem-activerecord-2.1.1-1.fc9,rubygem-actionpack-2.1.1-1.fc9,rubygem-actionmailer-2.1.1-1.fc9,rubygem-activeresource-2.1.1-1.fc9,rubygem-rails-2.1.1-1.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/rubygem-activesupport-2.1.1-1.fc9,rubygem-activerecord-2.1.1-1.fc9,rubygem-actionpack-2.1.1-1.fc9,rubygem-actionmailer-2.1.1-1.fc9,rubygem-activeresource-2.1.1-1.fc9,rubygem-rails-2.1.1-1.fc9
rubygems-1.2.0-2.fc8,rubygem-activesupport-2.1.1-1.fc8,rubygem-activerecord-2.1.1-1.fc8,rubygem-actionpack-2.1.1-1.fc8,rubygem-actionmailer-2.1.1-1.fc8,rubygem-activeresource-2.1.1-1.fc8,rubygem-rails-2.1.1-2.fc8 has been submitted as an update for Fedora 8. http://admin.fedoraproject.org/updates/rubygems-1.2.0-2.fc8,rubygem-activesupport-2.1.1-1.fc8,rubygem-activerecord-2.1.1-1.fc8,rubygem-actionpack-2.1.1-1.fc8,rubygem-actionmailer-2.1.1-1.fc8,rubygem-activeresource-2.1.1-1.fc8,rubygem-rails-2.1.1-2.fc8
rubygems-1.2.0-2.fc8, rubygem-activesupport-2.1.1-1.fc8, rubygem-activerecord-2.1.1-1.fc8, rubygem-actionpack-2.1.1-1.fc8, rubygem-actionmailer-2.1.1-1.fc8, rubygem-activeresource-2.1.1-1.fc8, rubygem-rails-2.1.1-2.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update rubygems rubygem-activesupport rubygem-activerecord rubygem-actionpack rubygem-actionmailer rubygem-activeresource rubygem-rails'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-8282
rubygem-activesupport-2.1.1-1.fc9, rubygem-activerecord-2.1.1-1.fc9, rubygem-actionpack-2.1.1-1.fc9, rubygem-actionmailer-2.1.1-1.fc9, rubygem-activeresource-2.1.1-1.fc9, rubygems-1.2.0-2.fc9, rubygem-rails-2.1.1-2.fc9 has been pushed to the Fedora 9 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update rubygem-activesupport rubygem-activerecord rubygem-actionpack rubygem-actionmailer rubygem-activeresource rubygems rubygem-rails'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-8322
rubygem-activesupport-2.1.1-1.fc9, rubygem-activerecord-2.1.1-1.fc9, rubygem-actionpack-2.1.1-1.fc9, rubygem-actionmailer-2.1.1-1.fc9, rubygem-activeresource-2.1.1-1.fc9, rubygems-1.2.0-2.fc9, rubygem-rails-2.1.1-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
rubygems-1.2.0-2.fc8, rubygem-activesupport-2.1.1-1.fc8, rubygem-activerecord-2.1.1-1.fc8, rubygem-actionpack-2.1.1-1.fc8, rubygem-actionmailer-2.1.1-1.fc8, rubygem-activeresource-2.1.1-1.fc8, rubygem-rails-2.1.1-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.