[Secure-testing-commits] r12820 - in data: . CVE
Steffen Joeris
white at alioth.debian.org
Tue Sep 15 16:49:21 UTC 2009
Author: white
Date: 2009-09-15 16:49:21 +0000 (Tue, 15 Sep 2009)
New Revision: 12820
Modified:
data/CVE/list
data/package-tags
Log:
rails issue fixed in lenny, etch support discontinued
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-15 16:48:11 UTC (rev 12819)
+++ data/CVE/list 2009-09-15 16:49:21 UTC (rev 12820)
@@ -300,6 +300,8 @@
NOT-FOR-US: IBM Lotus Domino
CVE-2009-3086 (A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x ...)
- rails 2.2.3-1 (low; bug #545063)
+ [etch] - rails <no-dsa> (Minor issue)
+ [lenny] - rails <no-dsa> (Minor issue)
CVE-2009-3085 (The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not ...)
- pidgin 2.6.2-1 (low)
CVE-2009-3084 (The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c ...)
@@ -602,6 +604,7 @@
- iceweasel <unfixed> (unimportant)
CVE-2009-3009 (Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before ...)
- rails 2.2.3-1 (low; bug #545063)
+ [etch] - rails <no-dsa> (Unsupported)
CVE-2009-3008 (K-Meleon 1.5.3 allows context-dependent attackers to spoof the address ...)
NOT-FOR-US: K-Meleon
CVE-2009-3007 (Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow ...)
Modified: data/package-tags
===================================================================
--- data/package-tags 2009-09-15 16:48:11 UTC (rev 12819)
+++ data/package-tags 2009-09-15 16:49:21 UTC (rev 12820)
@@ -22,3 +22,5 @@
[lenny] ltp <limited-support> (Testsuite, only supported on non-production non-multiuser systems)
[sid] vmware-package <unspported> (Only a build script for native upstream tarballs, not supported)
+
+[etch] rails <unsupported> (Unusable, should be removed)
More information about the Secure-testing-commits
mailing list