{"id":"RHSA-2016:0296","summary":"Red Hat Security Advisory: rh-ror41 security update","modified":"2026-03-03T10:01:17Z","published":"2024-09-13T12:26:48Z","upstream":["CVE-2015-7576","CVE-2015-7577","CVE-2015-7581","CVE-2016-0751","CVE-2016-0752","CVE-2016-0753"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:0296"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301933"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301946"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301957"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301963"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301973"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301981"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0296.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-7576"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-7576"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7576"},{"type":"ARTICLE","url":"http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/ANv0HDHEC3k/mt7wNGxbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-7577"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-7577"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7577"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/cawsWcQ6c8g/tegZtYdbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-7581"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-7581"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7581"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/dthJ5wL69JE/YzPnFelbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-0751"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-0751"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0751"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/9oLY_FCzvoc/w9oI9XxbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-0752"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-0752"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0752"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/335P1DcLG00/OfB9_LhbFQAJ"},{"type":"ARTICLE","url":"https://nvisium.com/blog/2016/01/26/rails-dynamic-render-to-rce-cve-2016-0752/"},{"type":"ARTICLE","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-0753"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-0753"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0753"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/6jQVC1geukQ/8oYETcxbFQAJ"}],"affected":[{"package":{"name":"rh-ror41-rubygem-actionpack","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/rh-ror41-rubygem-actionpack"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.5-3.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-actionpack-doc","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/rh-ror41-rubygem-actionpack-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.5-3.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-actionview","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/rh-ror41-rubygem-actionview"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.1.5-4.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-actionview-doc","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/rh-ror41-rubygem-actionview-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.1.5-4.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-activemodel","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/rh-ror41-rubygem-activemodel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.1.5-2.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-activemodel-doc","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/rh-ror41-rubygem-activemodel-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.1.5-2.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-activerecord","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/rh-ror41-rubygem-activerecord"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.5-2.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-activerecord-doc","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/rh-ror41-rubygem-activerecord-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.5-2.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-activesupport","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/rh-ror41-rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.5-3.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-actionpack","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/rh-ror41-rubygem-actionpack"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.5-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-actionpack-doc","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/rh-ror41-rubygem-actionpack-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.5-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-actionview","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/rh-ror41-rubygem-actionview"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.1.5-4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-actionview-doc","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/rh-ror41-rubygem-actionview-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.1.5-4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-activemodel","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/rh-ror41-rubygem-activemodel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.1.5-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-activemodel-doc","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/rh-ror41-rubygem-activemodel-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.1.5-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-activerecord","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/rh-ror41-rubygem-activerecord"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.5-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-activerecord-doc","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/rh-ror41-rubygem-activerecord-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.5-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}},{"package":{"name":"rh-ror41-rubygem-activesupport","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/rh-ror41-rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.5-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0296.json"}}],"schema_version":"1.7.3"}