{"id":"RHSA-2016:0454","summary":"Red Hat Security Advisory: ror40 security update","modified":"2026-03-11T07:05:00.017389Z","published":"2024-09-13T12:26:58Z","upstream":["CVE-2015-7576","CVE-2015-7577","CVE-2015-7581","CVE-2016-0751","CVE-2016-0752","CVE-2016-2097","CVE-2016-2098"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:0454"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301933"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301946"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301957"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301963"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301981"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1310043"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1310054"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0454.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-7576"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-7576"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7576"},{"type":"ARTICLE","url":"http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/ANv0HDHEC3k/mt7wNGxbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-7577"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-7577"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7577"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/cawsWcQ6c8g/tegZtYdbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-7581"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-7581"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7581"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/dthJ5wL69JE/YzPnFelbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-0751"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-0751"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0751"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/9oLY_FCzvoc/w9oI9XxbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-0752"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-0752"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0752"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/335P1DcLG00/OfB9_LhbFQAJ"},{"type":"ARTICLE","url":"https://nvisium.com/blog/2016/01/26/rails-dynamic-render-to-rce-cve-2016-0752/"},{"type":"ARTICLE","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-2097"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-2097"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2097"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-2098"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-2098"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2098"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ"}],"affected":[{"package":{"name":"ror40-rubygem-actionpack","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/ror40-rubygem-actionpack"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.2-7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0454.json"}},{"package":{"name":"ror40-rubygem-actionpack-doc","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/ror40-rubygem-actionpack-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.2-7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0454.json"}},{"package":{"name":"ror40-rubygem-activerecord","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/ror40-rubygem-activerecord"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.2-6.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0454.json"}},{"package":{"name":"ror40-rubygem-activerecord-doc","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/ror40-rubygem-activerecord-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.2-6.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0454.json"}},{"package":{"name":"ror40-rubygem-activesupport","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/ror40-rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.2-4.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0454.json"}},{"package":{"name":"ror40-rubygem-actionpack","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/ror40-rubygem-actionpack"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.2-7.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0454.json"}},{"package":{"name":"ror40-rubygem-actionpack-doc","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/ror40-rubygem-actionpack-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.2-7.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0454.json"}},{"package":{"name":"ror40-rubygem-activerecord","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/ror40-rubygem-activerecord"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.2-6.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0454.json"}},{"package":{"name":"ror40-rubygem-activerecord-doc","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/ror40-rubygem-activerecord-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.2-6.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0454.json"}},{"package":{"name":"ror40-rubygem-activesupport","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/ror40-rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.2-4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0454.json"}}],"schema_version":"1.7.5"}