[Secure-testing-commits] r20938 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Wed Jan 16 15:04:29 UTC 2013


Author: carnil
Date: 2013-01-16 15:04:28 +0000 (Wed, 16 Jan 2013)
New Revision: 20938

Modified:
   data/CVE/list
Log:
add three ruby-rack CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-01-16 12:55:45 UTC (rev 20937)
+++ data/CVE/list	2013-01-16 15:04:28 UTC (rev 20938)
@@ -2836,10 +2836,14 @@
 	RESERVED
 CVE-2013-0185
 	RESERVED
-CVE-2013-0184
+CVE-2013-0184 [Rack::Auth::AbstractRequest DoS]
 	RESERVED
-CVE-2013-0183
+	- ruby-rack <unfixed>
+	TODO: check
+CVE-2013-0183 [receiving excessively long lines triggers out-of-memory error]
 	RESERVED
+	- ruby-rack <unfixed>
+	TODO: check
 CVE-2013-0182
 	RESERVED
 CVE-2013-0181
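Review bot: Both entries added here (CVE-2013-0184 and CVE-2013-0183) end in a bare `TODO: check` that does not say what still has to be checked. Neither entry records where the `<unfixed>` status or the bracketed description came from. Suggest replacing the TODO with a concrete item, for example which ruby-rack versions are affected, or adding a line that points at the upstream announcement, so the next person triaging does not have to rediscover the source. The log message "add three ruby-rack CVEs" gives no reference either.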
@@ -3473,8 +3477,10 @@
 	RESERVED
 CVE-2012-6110
 	RESERVED
-CVE-2012-6109
+CVE-2012-6109 [parsing Content-Disposition header DoS]
 	RESERVED
+	- ruby-rack <unfixed>
+	TODO: check
 CVE-2012-6108
 	RESERVED
 CVE-2012-6107 [Does not verify that the server hostname matches a domain name in the subject's CN or subjectAltName field of the x.509 certificate]
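Review bot: The description added for CVE-2012-6109, `[parsing Content-Disposition header DoS]`, does not name the affected software or component, unlike `[Rack::Auth::AbstractRequest DoS]` in the first hunk. The entry is still `RESERVED`, so the bracketed text is the only description a reader of the list gets, and the package line below it is the only hint that this concerns Rack. Suggest naming it in the description, e.g. `[rack: parsing Content-Disposition header DoS]`.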



