Hello community, here is the log from the commit of package patchinfo.3655 for openSUSE:13.1:Update checked in at 2015-03-30 16:19:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.3655 (Old) and /work/SRC/openSUSE:13.1:Update/.patchinfo.3655.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.3655" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="3655"> <issue id="898205" tracker="bnc">VUL-0: CVE-2013-0334: rubygem-bundler: Bundler may install gems from a different source than expected</issue> <issue id="CVE-2013-0334" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>jordimassaguerpla</packager> <description>rubygem-bunder was updated to fix security vulnerabilities and non-security issues The following security issues were fixed: * Hide credentials while warning about gems with ambiguous sources * Warn when more than one top-level source is present * Bundler may install gems from a different source than expected (CVE-2013-0334) (bnc#898205) In addition, rubygem-bundler was udpated to 1.8.4 to fix non-security issues. </description> <summary>Security update for rubygem-bundler</summary> </patchinfo> -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org