[Secure-testing-commits] r20872 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Thu Jan 10 06:43:35 UTC 2013
Author: carnil
Date: 2013-01-10 06:43:35 +0000 (Thu, 10 Jan 2013)
New Revision: 20872
Modified:
data/CVE/list
Log:
add fixed versionf for CVE-2013-0155, CVE-2013-0156
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-09 21:46:33 UTC (rev 20871)
+++ data/CVE/list 2013-01-10 06:43:35 UTC (rev 20872)
@@ -1830,14 +1830,14 @@
RESERVED
{DSA-2604-1}
- rails 2.3.14.1 (bug #697722; high)
- - ruby-actionpack-3.2 <unfixed>
+ - ruby-actionpack-3.2 3.2.6-5 (bug #697802)
- ruby-actionpack-2.3 <unfixed>
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: http://www.insinuator.net/2013/01/rails-yaml/
NOTE: http://www.openwall.com/lists/oss-security/2013/01/08/14
CVE-2013-0155
RESERVED
- - ruby-activerecord-3.2 <unfixed> (bug #697744)
+ - ruby-activerecord-3.2 3.2.6-4 (bug #697744)
- ruby-activerecord-2.3 <not-affected> (Only applies to 3.x)
- rails <not-affected> (Only applies to 3.x)
NOTE: Starting with 2.3.14.1 rails is a transition package
More information about the Secure-testing-commits
mailing list