[Secure-testing-commits] r44181 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Sat Aug 27 15:09:08 UTC 2016
Author: agx
Date: 2016-08-27 15:09:08 +0000 (Sat, 27 Aug 2016)
New Revision: 44181
Modified:
data/CVE/list
Log:
ruby-activesupport-3.2 not affected by CVE-2015-7576
The upstream patch ships a new helper method for actionpack but the bug
is in ruby-actionpack-3.2 only.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-08-27 15:01:16 UTC (rev 44180)
+++ data/CVE/list 2016-08-27 15:09:08 UTC (rev 44181)
@@ -25762,6 +25762,7 @@
- ruby-actionpack-2.3 <removed>
[wheezy] - ruby-actionpack-2.3 <end-of-life>
- ruby-activesupport-3.2 <removed>
+ [wheezy] - ruby-activesupport-3.2 <not-affected> (Vulnerable code not present)
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life>
NOTE: https://github.com/rails/rails/commit/a6fa3960c3a149e83eb2ff057be4472a82958e3d
More information about the Secure-testing-commits
mailing list