-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4416-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès December 21, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : rails Version : 2:6.0.3.7+dfsg-2+deb11u4 CVE ID : CVE-2025-24293 CVE-2025-55193 Debian Bug : 1111106 Multiple security issues were discovered in the Rails web framework which could result in command injection or logging of unescaped ANSI sequences. For Debian 11 bullseye, these problems have been fixed in version 2:6.0.3.7+dfsg-2+deb11u4. We recommend that you upgrade your rails packages. For the detailed security status of rails please refer to its security tracker page at: https://security-tracker.debian.org/tracker/rails Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmlOtNwACgkQADoaLapB CF87Pw/+MR1nm4Km0+rbyLQcuJAR1loYXup8bGqqvYSmgKiLWfBmn9cdpV7e0D3f qd4MaCHULc2q6u/rKjSYOM9GSS5a2koPb83o9+INPZTrupRzFlXl2uw4hZUrTPsm kxdgFtwWxaPlYoLU1DJmAzTZIuVBJL7KFl5fGom444NEVnpCPkAJ9yubGl25MVML Sze0s4k90WpGPjswiuIyGlEWlj0rsQ0/l4limss2s7fBfR+1zoGNjJExD5vx9sKj FN2rVYQwjdHcxz3YSjs+MQcepw0birL6+wfYgKa6aauwRdSlwTOdTKJKRxJTofE4 Hbz1GvnZWlRrlNw4kh4qVl6hODKmeDY65BRVsH+w3ZfSxqykpye9vRKzlsQdHtLT E2MHcUpzU3MmwhZUvHVd4jT4pNYwJK9N7CsObR8dl9GYb6Tp3vGcmI4jXBr8Xosj CFoJLHuHxdmAKhgCt83fWI5WVJ1NNSEvHWIMXjX9GNAK79lkeJ/4xss+F4bd1MwH qweNJHcnzn7rgD69PNKynQTAxNIpJv0+wI2XqbHZsti7mqxMmQsIjwSFXJpqV8CP CGqy8CkKRAirZbsthhZnYT9EVqDxQEQVrHtAYt7m7xMPu0KtsfIRB2aGw50VR/+c /fJCZWAAVp8R2iojPQabey78/9NBolMfaxXUY63dHSuWInVFVpQ= =myNE -----END PGP SIGNATURE-----
