[Secure-testing-commits] r23170 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Fri Aug 2 05:21:52 UTC 2013
Author: carnil
Date: 2013-08-02 05:21:52 +0000 (Fri, 02 Aug 2013)
New Revision: 23170
Modified:
data/CVE/list
Log:
add note for CVE-2012-6109
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-08-02 05:15:06 UTC (rev 23169)
+++ data/CVE/list 2013-08-02 05:21:52 UTC (rev 23170)
@@ -13554,6 +13554,9 @@
CVE-2012-6109 (lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x ...)
- ruby-rack 1.4.1-2.1 (bug #698440)
- librack-ruby <removed>
+ NOTE: https://github.com/rack/rack/commit/4fc44671b3cad569421f4f8b775c0590b86f575e
+ NOTE: https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
+ TODO: check if affects squeeze
CVE-2012-6108 [default permissions for /var/log/hp are too open]
RESERVED
- hplip <not-affected> (permissions are 755 on wheezy, sid and experimental)
More information about the Secure-testing-commits
mailing list