[Secure-testing-commits] r24553 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Dec 3 21:45:59 UTC 2013
Author: carnil
Date: 2013-12-03 21:45:59 +0000 (Tue, 03 Dec 2013)
New Revision: 24553
Modified:
data/CVE/list
Log:
Add CVE-2013-6416
NOTE: as with the previous CVE's I have left the TODO item, as reporting
to the BTS is missing yet.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-03 21:42:15 UTC (rev 24552)
+++ data/CVE/list 2013-12-03 21:45:59 UTC (rev 24553)
@@ -1095,8 +1095,14 @@
RESERVED
CVE-2013-6417
RESERVED
-CVE-2013-6416
+CVE-2013-6416 [XSS]
RESERVED
+ - rails-4.0 <unfixed>
+ - ruby-actionpack-3.2 <not-affected> (vulnerable code not present)
+ - ruby-actionpack-2.3 <not-affected> (vulnerable coee not present)
+ - rails 2.3.14.1
+ NOTE: Starting with 2.3.14.1 rails is a transition package
+ TODO: check, report to BTS
CVE-2013-6415 [XSS]
RESERVED
- rails-4.0 <unfixed>
More information about the Secure-testing-commits
mailing list