Advisories » MGASA-2015-0206

Updated ruby-redcarpet packages fix a security vulnerability

Publication date: 11 May 2015
Modification date: 11 May 2015
Type: security
Affected Mageia releases : 4

Description

Updated ruby-redcarpet packages fix security vulnerability:

Redcarpet allows for possible XSS of untrusted markdown if the autolink
extension is enabled.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=15652
• http://openwall.com/lists/oss-security/2015/04/07/11

SRPMS

4/core

• ruby-redcarpet-3.0.0-1.1.mga4