[Secure-testing-commits] r19397 - data/CVE
Henri Salo
fgeek-guest at alioth.debian.org
Fri Jun 1 06:27:04 UTC 2012
Author: fgeek-guest
Date: 2012-06-01 06:27:04 +0000 (Fri, 01 Jun 2012)
New Revision: 19397
Modified:
data/CVE/list
Log:
Added new Ruby on Rails Active Record issue CVE-2012-2660.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-05-31 21:26:09 UTC (rev 19396)
+++ data/CVE/list 2012-06-01 06:27:04 UTC (rev 19397)
@@ -909,8 +909,12 @@
- ruby-activerecord-3.2 <unfixed> (bug #675396)
NOTE: Versions Affected: 3.0.0 and ALL later versions. Not affected: 2.3.14. Fixed Versions: 3.2.4, 3.1.5, 3.0.13
NOTE: http://seclists.org/oss-sec/2012/q2/448
-CVE-2012-2660
+CVE-2012-2660 (Unsafe Query Generation Risk in Ruby on Rails in Active Record)
RESERVED
+ [squeeze] - ruby-activerecord <not-affected>
+ - ruby-activerecord-3.2 <unfixed>
+ NOTE: Versions affected: all, fixed in versions 3.2.4, 3.1.5, 3.0.13
+ NOTE: http://seclists.org/oss-sec/2012/q2/449
CVE-2012-2659
RESERVED
CVE-2012-2658
More information about the Secure-testing-commits
mailing list