[Secure-testing-commits] r21662 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Mar 18 17:47:12 UTC 2013
Author: jmm
Date: 2013-03-18 17:47:12 +0000 (Mon, 18 Mar 2013)
New Revision: 21662
Modified:
data/CVE/list
Log:
new rails issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-18 17:36:05 UTC (rev 21661)
+++ data/CVE/list 2013-03-18 17:47:12 UTC (rev 21662)
@@ -1569,13 +1569,25 @@
NOTE: http://stealth.openwall.net/xSports/clown-newuser.c
CVE-2013-1857
RESERVED
+ - ruby-actionpack-3.2 <unfixed> (bug #703349)
+ - ruby-actionpack-2.3 <unfixed>
+ - rails 2.3.14.1
+ NOTE: Starting with 2.3.14.1 rails is a transition package
CVE-2013-1856
RESERVED
+ - ruby-activesupport-2.3 <not-affected> (Only affects 3.x and later)
+ - ruby-activesupport-3.2 <unfixed> (bug #703350)
+ - rails <not-affected> (Only affects 3.x and later)
+ NOTE: Starting with 2.3.14.1 rails is a transition package
CVE-2013-1855
RESERVED
+ - ruby-actionpack-3.2 <unfixed> (bug #703349)
+ - ruby-actionpack-2.3 <unfixed>
+ - rails 2.3.14.1
+ NOTE: Starting with 2.3.14.1 rails is a transition package
CVE-2013-1854
RESERVED
- - ruby-activerecord-3.2 <unfixed>
+ - ruby-activerecord-3.2 <unfixed> (bug #703348)
- ruby-activerecord-2.3 <unfixed>
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
More information about the Secure-testing-commits
mailing list