Red Hat Bugzilla – Bug 472510
CVE-2008-5189 rubygems-actionpack: redirect HTTP header injection vulnerability
Last modified: 2009-03-17 23:26:51 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-5189 to
the following vulnerability:
CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows
remote attackers to inject arbitrary HTTP headers and conduct HTTP
response splitting attacks via a crafted URL to the redirect_to
Note: The "offet-limit-sanitization" issue was originally reported as CVE-2008-4094 and we already fixed it in all related packages. Please see
for more details.
If I read correct, the 2.0.x, 2.1.x and 2.2.x series are affected - which means
ALL Fedora and EPEL branches - right?
Yes, this issue affects all versions of the rubygem-actionpack package,
as shipped within the Fedora release of 8, 9, 10 and as shipped within
the EPEL project.
This issue was fixed upstream in 2.1.2.
Alternatively, following patch can be used:
2.1.1 seems to be the current version in both all stable Fedora versions and EPEL5.
rubygem-actionpack packages 2.2.2 currently in Rawhide have the sanitisation patch included.
I'm checking in rubygem-actionpack 2.1.1-2 in F-10, F-9 and EL-5 right now
rubygem-actionpack-2.1.1-2.fc10 has been submitted as an update for Fedora 10.
rubygem-actionpack-2.1.1-2.fc9 has been submitted as an update for Fedora 9.
rubygem-actionpack-2.1.1-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
rubygem-actionpack-2.1.1-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
This bug should have been closed already... bodhi!!