[Secure-testing-commits] r9940 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu Oct 2 12:02:06 UTC 2008
Author: nion
Date: 2008-10-02 12:02:01 +0000 (Thu, 02 Oct 2008)
New Revision: 9940
Modified:
data/CVE/list
Log:
CVE-2008-4094 fixed in rails 2.1.0-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-02 12:00:32 UTC (rev 9939)
+++ data/CVE/list 2008-10-02 12:02:01 UTC (rev 9940)
@@ -593,7 +593,9 @@
CVE-2008-4095 (Multiple unspecified vulnerabilities in Flip4Mac WMV before 2.2.1 have ...)
NOT-FOR-US: Flip4Mac WMV
CVE-2008-4094 (Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 ...)
- - rails <unfixed> (bug #500791)
+ - rails 2.1.0-1 (medium; bug #500791)
+ NOTE: in mysql this only allows information disclosure as multiline statements are
+ NOTE: not allowed by default
CVE-2008-4093 (SQL injection vulnerability in memberstats.php in YourOwnBux 3.1 and ...)
NOT-FOR-US: YourOwnBux
CVE-2008-4092 (SQL injection vulnerability in printfeature.php in myPHPNuke (MPN) ...)
More information about the Secure-testing-commits
mailing list