[Secure-testing-commits] r18937 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Apr 13 12:43:31 UTC 2012


Author: jmm
Date: 2012-04-13 12:43:31 +0000 (Fri, 13 Apr 2012)
New Revision: 18937

Modified:
   data/CVE/list
Log:
bugs for rails
osc unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-04-13 12:05:16 UTC (rev 18936)
+++ data/CVE/list	2012-04-13 12:43:31 UTC (rev 18937)
@@ -2609,11 +2609,9 @@
 	RESERVED
 	NOT-FOR-US: JBoss Operations Network
 CVE-2012-1099 (Cross-site scripting (XSS) vulnerability in ...)
-	- rails <unfixed>
-	TODO: check
+	- rails <unfixed> (bug #668607)
 CVE-2012-1098 (Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before ...)
-	- rails <unfixed>
-	TODO: check
+	- rails <unfixed> (bug #668607)
 CVE-2012-1097
 	RESERVED
 	{DSA-2443-1}
@@ -2625,8 +2623,8 @@
 	TODO: check
 CVE-2012-1095
 	RESERVED
-	- osc <unfixed>
-	TODO: check
+	- osc <unfixed> (unimportant)
+	NOTE: This is ultimately a bug in the respectice terminal emulations and not a vulnerability in osc
 CVE-2012-1094
 	RESERVED
 	NOT-FOR-US: mod_cluster




More information about the Secure-testing-commits mailing list