SECURITY: Fedora 33 Update: rubygem-mechanize-2.7.7-1.fc33
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-db8ebc547e
2021-02-11 01:42:27.185780
--------------------------------------------------------------------------------
Name : rubygem-mechanize
Product : Fedora 33
Version : 2.7.7
Release : 1.fc33
URL : http://mechanize.rubyforge.org/
Summary : A handy web browsing ruby object
Description :
The Mechanize library is used for automating interaction with websites.
Mechanize automatically stores and sends cookies, follows redirects,
can follow links, and submit forms. Form fields can be populated and
submitted. Mechanize also keeps track of the sites that you have
visited as a history.
--------------------------------------------------------------------------------
Update Information:
New version 2.7.7 is released. Note that a security flaw was found on the
previous version which may allow OS commands' injection, which is now assigned
as CVE-2021-21289 . This new rpm fixes this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Mamoru TASAKA - 2.7.7-1
- 2.7.7
- Including fix for CVE-2021-21289
* Wed Jan 27 2021 Fedora Release Engineering - 2.7.6-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jan 6 2021 Mamoru TASAKA - 2.7.6-2
- Fix build failure
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-db8ebc547e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
A rubygem-mechanize security update has been released for Fedora 33.