Bug 731438 (CVE-2011-2930) - CVE-2011-2930 rubygem-activerecord: SQL injection vulnerability in quote_table_name (Ruby on Rails)
Summary: CVE-2011-2930 rubygem-activerecord: SQL injection vulnerability in quote_tabl...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2011-2930
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 731440 731441 731452 731453
Blocks: 732542
TreeView+ depends on / blocked
 
Reported: 2011-08-17 16:46 UTC by Vincent Danen
Modified: 2019-09-29 12:46 UTC (History)
10 users (show)

Fixed In Version: rubygem-activerecord 2.3.13, rubygem-activerecord 3.0.10, rubygem-activerecord 3.1.0
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-01-16 09:51:23 UTC
Embargoed:


Attachments (Terms of Use)

Description Vincent Danen 2011-08-17 16:46:05 UTC
An SQL injection vulnerability in the quote_table_name method could allow malicious users to inject arbitrary SQL into a query [1].

This is corrected in upstream 3.0.10, 2.3.13, and 3.1.0rc5 versions.  Patches are available in the advisory [1] and in git [2].

[1] http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6a1e473744bc389b
[2] https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85

Comment 2 Vincent Danen 2011-08-17 17:18:50 UTC
This flaw is in rubygem-activerecord, not rubygem-rails.

Comment 3 Vincent Danen 2011-08-17 17:27:33 UTC
Created rubygem-activerecord tracking bugs for this issue

Affects: fedora-all [bug 731452]
Affects: epel-5 [bug 731453]

Comment 5 Vincent Danen 2011-08-30 04:20:15 UTC
This issue has been assigned the name CVE-2011-2930:

http://www.openwall.com/lists/oss-security/2011/08/19/11


Note You need to log in before you can comment on or make changes to this bug.