Ubuntu
rails package

Overview
Code
Bugs
Blueprints
Translations
Answers

Apply upstream fix for CVE-2019-5418 and CVE-2019-5419

Bug #1820138 reported by Mark Thomas on 2019-03-14

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	rails (Ubuntu)	New	Undecided	Mark Thomas

Bug Description

The lastest Ubuntu release of rails for all supported releases does not contain the fix for CVE-2019-5418 and CVE-2019-5419.

Upstream commit: f4c70c2222180b8d9d924f00af0c7fd632e26715

Affected files:
actionpack/lib/action_dispatch/http/mime_negotiation.rb
actionpack/test/controller/mime/respond_to_test.rb
actionpack/test/controller/new_base/content_negotiation_test.rb

CVE References

2019-5418
2019-5419

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubunturails package