[Secure-testing-commits] r21091 - data/CVE
Florian Weimer
fw at alioth.debian.org
Wed Jan 30 19:59:13 UTC 2013
Author: fw
Date: 2013-01-30 19:59:13 +0000 (Wed, 30 Jan 2013)
New Revision: 21091
Modified:
data/CVE/list
Log:
CVE-2013-0333: rails is transition package
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-30 18:56:09 UTC (rev 21090)
+++ data/CVE/list 2013-01-30 19:59:13 UTC (rev 21091)
@@ -2754,8 +2754,9 @@
CVE-2013-0333 [Vulnerability in JSON Parser in Ruby on Rails 3.0 and 2.3]
RESERVED
{DSA-2613-1}
- - rails <unfixed> (bug #699226)
+ - rails 2.3.14.1 (bug #699226)
- ruby-activesupport-2.3 2.3.14-6 (bug #699249)
+ NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/1h2DR63ViGo
TODO: check
CVE-2013-0332
More information about the Secure-testing-commits
mailing list