[Secure-testing-commits] r35924 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Aug 7 16:17:32 UTC 2015
Author: jmm
Date: 2015-08-07 16:17:32 +0000 (Fri, 07 Aug 2015)
New Revision: 35924
Modified:
data/CVE/list
Log:
sidekiq no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-07 12:27:09 UTC (rev 35923)
+++ data/CVE/list 2015-08-07 16:17:32 UTC (rev 35924)
@@ -122,7 +122,9 @@
NOTE: Patch: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=58c721ac2dc96bccd737f3f544f3a22a50477bbf
NOTE: Testcase: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=c261018477f971d274dee305d27f8bff4afd4238
CVE-2015-XXXX [Sidekiq::Web lacks CSRF protection]
+ [experimental] - ruby-sidekiq 3.4.2~dfsg-1
- ruby-sidekiq <unfixed>
+ [jessie] - ruby-sidekiq <no-dsa> (Minor issue)
NOTE: https://github.com/mperham/sidekiq/pull/2422
NOTE: Fixed by https://github.com/mperham/sidekiq/commit/cf3c43b2410c4573e05ac119494e41115f4140ad
NOTE: Fix released in sidekiq 3.4.2
@@ -132,6 +134,7 @@
CVE-2015-XXXX [XSS via job arguments display class in Sidekiq::Web]
[experimental] - ruby-sidekiq 3.4.2~dfsg-1
- ruby-sidekiq <unfixed>
+ [jessie] - ruby-sidekiq <no-dsa> (Minor issue)
NOTE: https://github.com/mperham/sidekiq/pull/2309
NOTE: Fixed by https://github.com/mperham/sidekiq/commit/54766f336620ca0ce3b0b87a7a56382496e64b61
NOTE: Fix released in sidekiq 3.4.0
@@ -139,6 +142,7 @@
CVE-2015-XXXX [XSS via queue name in Sidekiq::Web]
[experimental] - ruby-sidekiq 3.4.2~dfsg-1
- ruby-sidekiq <unfixed>
+ [jessie] - ruby-sidekiq <no-dsa> (Minor issue)
NOTE: https://github.com/mperham/sidekiq/issues/2330
NOTE: Fixed by https://github.com/mperham/sidekiq/commit/2178d66b6686fbf4430223c34c184a64c9906828
NOTE: Fix released in sidekiq 3.4.0
More information about the Secure-testing-commits
mailing list