[Secure-testing-commits] r27799 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jul 18 04:58:31 UTC 2014
Author: carnil
Date: 2014-07-18 04:58:00 +0000 (Fri, 18 Jul 2014)
New Revision: 27799
Modified:
data/CVE/list
Log:
Add fixed version for two rails-3.2 CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-07-18 04:52:29 UTC (rev 27798)
+++ data/CVE/list 2014-07-18 04:58:00 UTC (rev 27799)
@@ -3413,7 +3413,7 @@
- ruby-activerecord-3.2 <removed>
- rails <unfixed>
[wheezy] - rails <not-affected> (src:rails in wheezy is just a transition package)
- - rails-3.2 <unfixed>
+ - rails-3.2 3.2.19-1
- rails-4.0 <unfixed>
TODO: check, additionally rails is now again a sourcepackage e.g. providing ruby-activerecord-3.2
CVE-2014-3482 (SQL injection vulnerability in ...)
@@ -3421,7 +3421,7 @@
- ruby-activerecord-3.2 <removed>
- rails <unfixed>
[wheezy] - rails <not-affected> (src:rails in wheezy is just a transition package)
- - rails-3.2 <unfixed>
+ - rails-3.2 3.2.19-1
- rails-4.0 <unfixed>
TODO: check, additionally rails is now again a sourcepackage e.g. providing ruby-activerecord-3.2
CVE-2014-3481 (org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat ...)
More information about the Secure-testing-commits
mailing list