[Secure-testing-commits] r28224 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Aug 12 05:00:33 UTC 2014 

Author: carnil
Date: 2014-08-12 05:00:33 +0000 (Tue, 12 Aug 2014)
New Revision: 28224

Modified:
   data/CVE/list
Log:
rails-4.0 removed from the archive

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-08-12 04:41:25 UTC (rev 28223)
+++ data/CVE/list	2014-08-12 05:00:33 UTC (rev 28224)
@@ -4052,7 +4052,7 @@
 	- rails <unfixed>
 	[wheezy] - rails <not-affected> (src:rails in wheezy is just a transition package)
 	- rails-3.2 3.2.19-1
-	- rails-4.0 <unfixed>
+	- rails-4.0 <removed>
 CVE-2014-3482 (SQL injection vulnerability in ...)
 	{DSA-2982-1}
 	- ruby-activerecord-2.3 <removed>
@@ -4061,7 +4061,7 @@
 	- rails <unfixed>
 	[wheezy] - rails <not-affected> (src:rails in wheezy is just a transition package)
 	- rails-3.2 3.2.19-1
-	- rails-4.0 <unfixed>
+	- rails-4.0 <removed>
 CVE-2014-3481 (org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat ...)
 	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
 CVE-2014-3480 (The cdf_count_chain function in cdf.c in file before 5.19, as used in ...)
@@ -13601,7 +13601,7 @@
 	- ruby-actionpack-2.3 <not-affected> (Vulnerable code not present)
 	- ruby-actionpack-3.2 <removed> (bug #747382)
 	- rails-3.2 3.2.18-1 (bug #747382)
-	- rails-4.0 <unfixed> (bug #747380)
+	- rails-4.0 <removed> (bug #747380)
 CVE-2014-0129 (badges/mybadges.php in Moodle 2.5.x before 2.5.5 and 2.6.x before ...)
 	- moodle 2.6.2-1
 	[squeeze] - moodle <not-affected> (Vulnerable code not present)
@@ -13781,7 +13781,7 @@
 	NOTE: Starting with 2.3.14.1 rails is a transition package
 CVE-2014-0081 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	{DSA-2929-1}
-	- rails-4.0 <unfixed>
+	- rails-4.0 <removed>
 	- rails-3.2 3.2.17-1
 	- ruby-actionpack-3.2 <removed>
 	- ruby-actionpack-2.3 <removed>
@@ -13790,7 +13790,7 @@
 	[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: Starting with 2.3.14.1 rails is a transition package
 CVE-2014-0080 (SQL injection vulnerability in ...)
-	- rails-4.0 <unfixed>
+	- rails-4.0 <removed>
 	- ruby-activerecord-3.2 <not-affected> (affects only rails 4.0.x)
 	- ruby-activerecord-2.3 <not-affected> (affects only rails 4.0.x)
 	- rails <not-affected> (affects only rails 4.0.x)

More information about the Secure-testing-commits mailing list