[Secure-testing-commits] r30451 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Nov 29 21:51:21 UTC 2014
Author: jmm
Date: 2014-11-29 21:51:21 +0000 (Sat, 29 Nov 2014)
New Revision: 30451
Modified:
data/CVE/list
Log:
older rails issues fixed
rsync no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-29 21:43:42 UTC (rev 30450)
+++ data/CVE/list 2014-11-29 21:51:21 UTC (rev 30451)
@@ -3026,6 +3026,9 @@
NOTE: https://launchpad.net/bugs/1357372
CVE-2014-XXXX [rsync collision attack]
- rsync <unfixed> (low)
+ [jessie] - rsync <no-dsa> (Minor issue, too instrusive to backport)
+ [wheezy] - rsync <no-dsa> (Minor issue, too instrusive to backport)
+ [squeeze] - rsync <no-dsa> (Minor issue, too instrusive to backport)
CVE-2014-8242
RESERVED
- librsync <unfixed> (low)
@@ -14068,7 +14071,7 @@
- ruby-activerecord-2.3 <removed>
[wheezy] - ruby-activerecord-2.3 <end-of-life>
- ruby-activerecord-3.2 <removed>
- - rails <unfixed>
+ - rails 2:4.1.4-1
[wheezy] - rails <not-affected> (src:rails in wheezy is just a transition package)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
- rails-3.2 3.2.19-1
@@ -14078,7 +14081,7 @@
- ruby-activerecord-2.3 <removed>
[wheezy] - ruby-activerecord-2.3 <end-of-life>
- ruby-activerecord-3.2 <removed>
- - rails <unfixed>
+ - rails 2:4.1.4-1
[wheezy] - rails <not-affected> (src:rails in wheezy is just a transition package)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
- rails-3.2 3.2.19-1
More information about the Secure-testing-commits
mailing list