[Secure-testing-commits] r24899 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 27 05:29:03 UTC 2013
Author: carnil
Date: 2013-12-27 05:29:03 +0000 (Fri, 27 Dec 2013)
New Revision: 24899
Modified:
data/CVE/list
Log:
Add two (unchecked) CVEs for nokogiri ruby gem
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-27 05:16:06 UTC (rev 24898)
+++ data/CVE/list 2013-12-27 05:29:03 UTC (rev 24899)
@@ -2963,10 +2963,18 @@
RESERVED
CVE-2013-6462
RESERVED
-CVE-2013-6461
+CVE-2013-6461 [DoS while parsing XML entities]
RESERVED
-CVE-2013-6460
+ - ruby-nokogiri <unfixed>
+ - libnokogiri-ruby <removed>
+ NOTE: https://groups.google.com/forum/#!topic/ruby-security-ann/DeJpjTAg1FA
+ TODO: check
+CVE-2013-6460 [DoS while parsing XML documents]
RESERVED
+ - ruby-nokogiri <unfixed>
+ - libnokogiri-ruby <removed>
+ NOTE: https://groups.google.com/forum/#!topic/ruby-security-ann/DeJpjTAg1FA
+ TODO: check
CVE-2013-6459 [XSS vulnerabilities]
RESERVED
- ruby-will-paginate <unfixed>
More information about the Secure-testing-commits
mailing list