Information on source package passenger

Available versions

ReleaseVersion
stretch5.0.30-1+deb9u1
buster5.0.30-1.1
bullseye5.0.30-1.2+deb11u1
bookworm6.0.17+ds-1
trixie6.0.17+ds-1
sid6.0.20+ds-1

Open unimportant issues

BugstretchbusterbullseyebookwormtrixiesidDescription
CVE-2016-10345vulnerablevulnerablevulnerablefixedfixedfixedIn Phusion Passenger before 5.1.0, a known /tmp filename was used duri ...

Resolved issues

BugDescription
CVE-2018-12615An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelpe ...
CVE-2018-12029A race condition in the nginx module in Phusion Passenger 3.x through ...
CVE-2018-12028An Incorrect Access Control vulnerability in SpawningKit in Phusion Pa ...
CVE-2018-12027An Insecure Permissions vulnerability in SpawningKit in Phusion Passen ...
CVE-2018-12026During the spawning of a malicious Passenger-managed application, Spaw ...
CVE-2017-16355In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed ...
CVE-2015-7519agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0. ...
CVE-2014-1832Phusion Passenger 4.0.37 allows local users to write to certain files ...
CVE-2014-1831Phusion Passenger before 4.0.37 allows local users to write to certain ...
CVE-2013-4136ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 f ...
CVE-2008-7220Unspecified vulnerability in Prototype JavaScript framework (prototype ...

Security announcements

DSA / DLADescription
DSA-4415-1passenger - security update
DLA-394-1passenger - security update
Search for package or bug name: Reporting problems