Security

• CRIT: Updated Java and other system packages to address critical vulnerabilities.
• CRIT: Updated Ruby to protect against a buffer overflow vulnerability.
• CRIT: Fixed a bug where a user could craft a special request that would allow arbitrary command execution on the appliance.
• HIGH: Updated git for 32-bit and 64-bit installs to prevent a buffer overflow under some conditions.
• HIGH: Kernel updated to prevent an exploit where an SSH user on the appliance could potentially gain elevated root permissions.
• HIGH: Fixed a bug in the API that would allow for brute force password guessing.
• HIGH: Updated Gist to address new Rails security vulnerabilities.
• LOW: Fixed a bug that allowed users to inject LDAP filters into the username field on the login page.
• LOW: Fixed an issue where a Gist's content wasn't filtered correctly and therefore appeared in the log files.