[Secure-testing-commits] r38239 - data/CVE
Henri Salo
fgeek-guest at moszumanska.debian.org
Sat Dec 12 10:32:52 UTC 2015
Author: fgeek-guest
Date: 2015-12-12 10:32:52 +0000 (Sat, 12 Dec 2015)
New Revision: 38239
Modified:
data/CVE/list
Log:
add ruby-mail smtp injection issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-12 10:28:34 UTC (rev 38238)
+++ data/CVE/list 2015-12-12 10:32:52 UTC (rev 38239)
@@ -1,3 +1,9 @@
+CVE-2015-XXXX [ruby-mail: SMTP injection via recipient email addresses]
+ - ruby-mail <unfixed>
+ NOTE: https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83
+ NOTE: CVE request: http://www.openwall.com/lists/oss-security/2015/12/11/3
+ NOTE: According to CVE request this issue is fixed in 2.6.0
+ TODO: check
CVE-2015-XXXX [quassel: op command denial of service issue]
- quassel <unfixed>
NOTE: https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7
More information about the Secure-testing-commits
mailing list