FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

rubygem-mail -- multiple vulnerabilities

Affected packages
rubygem-mail < 2.4.4

Details

VuXML ID 3d55b961-9a2e-11e1-a2ef-001fd0af1a4c
Discovery 2012-03-14
Entry 2012-05-09

rubygem-mail -- multiple vulnerabilities

Two issues were fixed. They are a file system traversal in file_delivery method and arbitrary command execution when using exim or sendmail from the command line.

References

CVE Name CVE-2012-2139
CVE Name CVE-2012-2140
URL http://seclists.org/oss-sec/2012/q2/190