Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 731438 (CVE-2011-2930) - CVE-2011-2930 rubygem-activerecord: SQL injection vulnerability in quote_table_name (Ruby on Rails)
Summary: CVE-2011-2930 rubygem-activerecord: SQL injection vulnerability in quote_tabl...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2011-2930
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 731440 731441 731452 731453
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-08-17 16:46 UTC by Vincent Danen
Modified: 2019-09-29 12:46 UTC (History)
10 users (show)

Fixed In Version: rubygem-activerecord 2.3.13, rubygem-activerecord 3.0.10, rubygem-activerecord 3.1.0
Clone Of:
Environment:
Last Closed: 2013-01-16 09:51:23 UTC
Embargoed:


Attachments (Terms of Use)

Description Vincent Danen 2011-08-17 16:46:05 UTC
An SQL injection vulnerability in the quote_table_name method could allow malicious users to inject arbitrary SQL into a query [1].

This is corrected in upstream 3.0.10, 2.3.13, and 3.1.0rc5 versions.  Patches are available in the advisory [1] and in git [2].

[1] http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6a1e473744bc389b
[2] https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85

Comment 2 Vincent Danen 2011-08-17 17:18:50 UTC
This flaw is in rubygem-activerecord, not rubygem-rails.

Comment 3 Vincent Danen 2011-08-17 17:27:33 UTC
Created rubygem-activerecord tracking bugs for this issue

Affects: fedora-all [bug 731452]
Affects: epel-5 [bug 731453]

Comment 5 Vincent Danen 2011-08-30 04:20:15 UTC
This issue has been assigned the name CVE-2011-2930:

http://www.openwall.com/lists/oss-security/2011/08/19/11


Note You need to log in before you can comment on or make changes to this bug.