[Secure-testing-commits] r26323 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Mar 28 19:24:33 UTC 2014
Author: carnil
Date: 2014-03-28 19:24:33 +0000 (Fri, 28 Mar 2014)
New Revision: 26323
Modified:
data/CVE/list
Log:
Mark CVE-2014-0083/ruby-net-ldap as not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-28 19:13:34 UTC (rev 26322)
+++ data/CVE/list 2014-03-28 19:24:33 UTC (rev 26323)
@@ -6810,7 +6810,8 @@
RESERVED
CVE-2014-0083 [SHA passwords generated by the net-ldap Ruby gem use a weak salt]
RESERVED
- - ruby-net-ldap <unfixed> (bug #742706)
+ - ruby-net-ldap <not-affected> (SSHA support not present)
+ NOTE: SSHA support only from version v0.5.0, see #742706
CVE-2014-0082 (actionpack/lib/action_view/template/text.rb in Action View in Ruby on ...)
- rails-4.0 <not-affected> (only 3.2.x and earlier)
- rails-3.2 3.2.17-1
More information about the Secure-testing-commits
mailing list