[Secure-testing-commits] r30384 - in data: . CVE

Holger Levsen holger at moszumanska.debian.org
Thu Nov 27 13:16:14 UTC 2014


Author: holger
Date: 2014-11-27 13:16:14 +0000 (Thu, 27 Nov 2014)
New Revision: 30384

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
CVE-2012-6109: mark as <not-affected> for squeeze as vulnerable code is not present

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-27 13:08:17 UTC (rev 30383)
+++ data/CVE/list	2014-11-27 13:16:14 UTC (rev 30384)
@@ -43794,6 +43794,7 @@
 CVE-2012-6109 (lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x ...)
 	- ruby-rack 1.4.1-2.1 (bug #698440)
 	- librack-ruby <removed>
+	[squeeze] - ruby-rack <not-affected> (vulnerable code not present)
 	NOTE: https://github.com/rack/rack/commit/4fc44671b3cad569421f4f8b775c0590b86f575e
 	NOTE: https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
 CVE-2012-6108 (HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses ...)

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2014-11-27 13:08:17 UTC (rev 30383)
+++ data/dla-needed.txt	2014-11-27 13:16:14 UTC (rev 30384)
@@ -36,8 +36,6 @@
 --
 libphp-snoopy
 --
-librack-ruby (Holger Levsen)
---
 libspring-2.5-java
 --
 libvncserver




More information about the Secure-testing-commits mailing list