[Secure-testing-commits] r33426 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Apr 8 05:23:05 UTC 2015
Author: carnil
Date: 2015-04-08 05:23:05 +0000 (Wed, 08 Apr 2015)
New Revision: 33426
Modified:
data/CVE/list
Log:
Add ruby-redcarpet issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-08 05:22:58 UTC (rev 33425)
+++ data/CVE/list 2015-04-08 05:23:05 UTC (rev 33426)
@@ -1,3 +1,8 @@
+CVE-2015-XXXX [ossible XSS via autolinking of untrusted markdown]
+ - ruby-redcarpet <unfixed>
+ NOTE: Fix: https://github.com/vmg/redcarpet/commit/e5a10516d07114d582d13b9125b733008c61c242
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/07/11
+ TODO: check possibly related gems
CVE-2015-XXXX [DoS -- OOPS NULL pointer dereference in nf_nat_setup_info+0x471]
- linux 3.14.5-1 (bug #741667)
[wheezy] - linux <not-affected> (Introduced in 3.6)
More information about the Secure-testing-commits
mailing list