[Secure-testing-commits] r30461 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 30 15:38:43 UTC 2014
Author: carnil
Date: 2014-11-30 15:38:43 +0000 (Sun, 30 Nov 2014)
New Revision: 30461
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2014-2538/ruby-rack-ssl
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-30 14:11:14 UTC (rev 30460)
+++ data/CVE/list 2014-11-30 15:38:43 UTC (rev 30461)
@@ -16795,7 +16795,7 @@
CVE-2014-2567 (The OpenConnectionTask::handleStateHelper function in ...)
NOT-FOR-US: Trojita
CVE-2014-2538 (Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the ...)
- - ruby-rack-ssl <unfixed> (low; bug #742186)
+ - ruby-rack-ssl 1.3.2-4 (low; bug #742186)
[wheezy] - ruby-rack-ssl <no-dsa> (Minor issue)
NOTE: https://github.com/josh/rack-ssl/commit/9d7d7300b907e496db68d89d07fbc2e0df0b487b
CVE-2014-2528 (kcleanup.cpp in KDirStat 2.7.3 does not properly quote strings when ...)
More information about the Secure-testing-commits
mailing list