[Secure-testing-commits] r44205 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sun Aug 28 21:10:11 UTC 2016
Author: sectracker
Date: 2016-08-28 21:10:11 +0000 (Sun, 28 Aug 2016)
New Revision: 44205
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-08-28 20:45:00 UTC (rev 44204)
+++ data/CVE/list 2016-08-28 21:10:11 UTC (rev 44205)
@@ -2166,7 +2166,7 @@
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package and introduced in 4.2 anyway)
CVE-2016-6316 [Possible XSS Vulnerability in Action View]
RESERVED
- {DSA-3651-1}
+ {DSA-3651-1 DLA-604-1}
- rails 2:4.2.7.1-1 (low; bug #834155)
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
- ruby-actionpack-3.2 <removed>
@@ -15792,7 +15792,7 @@
- xerces-c 3.1.3+debian-2 (bug #823863)
NOTE: https://issues.apache.org/jira/browse/XERCESC-2066
CVE-2016-2098 (Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and ...)
- {DSA-3509-1}
+ {DSA-3509-1 DLA-604-1}
- rails 2:4.2.5.2-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
@@ -15802,7 +15802,7 @@
NOTE: Versions Affected: 3.2.x, 4.0.x, 4.1.x, 4.2.x
NOTE: Fixed Versions: 3.2.22.2, 4.1.14.2, 4.2.5.2
CVE-2016-2097 (Directory traversal vulnerability in Action View in Ruby on Rails ...)
- {DSA-3509-1}
+ {DSA-3509-1 DLA-604-1}
- rails 2:4.2.5.2-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
@@ -20680,7 +20680,7 @@
[wheezy] - ruby-activesupport-2.3 <end-of-life>
- ruby-activemodel-3.2 <removed>
CVE-2016-0752 (Directory traversal vulnerability in Action View in Ruby on Rails ...)
- {DSA-3464-1}
+ {DSA-3464-1 DLA-604-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
@@ -20688,7 +20688,7 @@
- ruby-actionpack-2.3 <removed>
[wheezy] - ruby-actionpack-2.3 <end-of-life>
CVE-2016-0751 (actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in ...)
- {DSA-3464-1}
+ {DSA-3464-1 DLA-604-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
@@ -25767,7 +25767,7 @@
- ruby-activerecord-2.3 <removed>
[wheezy] - ruby-activerecord-2.3 <end-of-life>
CVE-2015-7576 (The http_basic_authenticate_with method in ...)
- {DSA-3464-1}
+ {DSA-3464-1 DLA-604-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
More information about the Secure-testing-commits
mailing list