Information on source package passenger

Available versions

ReleaseVersion
stretch5.0.30-1
buster5.0.30-1
sid5.0.30-1

Open issues

BugstretchbustersidDescription
CVE-2018-12029vulnerablevulnerablevulnerableA race condition in the nginx module in Phusion Passenger 3.x through ...
CVE-2017-16355vulnerablevulnerablevulnerableIn agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed ...

Open unimportant issues

BugstretchbustersidDescription
CVE-2016-10345vulnerablevulnerablevulnerableIn Phusion Passenger before 5.1.0, a known /tmp filename was used ...

Resolved issues

BugDescription
CVE-2018-12615An issue was discovered in switchGroup() in ...
CVE-2018-12028An Incorrect Access Control vulnerability in SpawningKit in Phusion ...
CVE-2018-12027An Insecure Permissions vulnerability in SpawningKit in Phusion ...
CVE-2018-12026During the spawning of a malicious Passenger-managed application, ...
CVE-2015-7519agent/Core/Controller/SendRequest.cpp in Phusion Passenger before ...
CVE-2014-1832Phusion Passenger 4.0.37 allows local users to write to certain files ...
CVE-2014-1831Phusion Passenger before 4.0.37 allows local users to write to certain ...
CVE-2013-4136ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 ...
CVE-2008-7220Unspecified vulnerability in Prototype JavaScript framework ...

Security announcements

DSA / DLADescription
DLA-394-1passenger - security update

Search for package or bug name: Reporting problems