[Secure-testing-commits] r44205 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sun Aug 28 21:10:11 UTC 2016


Author: sectracker
Date: 2016-08-28 21:10:11 +0000 (Sun, 28 Aug 2016)
New Revision: 44205

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-08-28 20:45:00 UTC (rev 44204)
+++ data/CVE/list	2016-08-28 21:10:11 UTC (rev 44205)
@@ -2166,7 +2166,7 @@
 	[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package and introduced in 4.2 anyway)
 CVE-2016-6316 [Possible XSS Vulnerability in Action View]
 	RESERVED
-	{DSA-3651-1}
+	{DSA-3651-1 DLA-604-1}
 	- rails 2:4.2.7.1-1 (low; bug #834155)
 	[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
 	- ruby-actionpack-3.2 <removed>
@@ -15792,7 +15792,7 @@
 	- xerces-c 3.1.3+debian-2 (bug #823863)
 	NOTE: https://issues.apache.org/jira/browse/XERCESC-2066
 CVE-2016-2098 (Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and ...)
-	{DSA-3509-1}
+	{DSA-3509-1 DLA-604-1}
 	- rails 2:4.2.5.2-1
 	[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
 	[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
@@ -15802,7 +15802,7 @@
 	NOTE: Versions Affected: 3.2.x, 4.0.x, 4.1.x, 4.2.x
 	NOTE: Fixed Versions: 3.2.22.2, 4.1.14.2, 4.2.5.2
 CVE-2016-2097 (Directory traversal vulnerability in Action View in Ruby on Rails ...)
-	{DSA-3509-1}
+	{DSA-3509-1 DLA-604-1}
 	- rails 2:4.2.5.2-1
 	[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
 	[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
@@ -20680,7 +20680,7 @@
 	[wheezy] - ruby-activesupport-2.3 <end-of-life>
 	- ruby-activemodel-3.2 <removed>
 CVE-2016-0752 (Directory traversal vulnerability in Action View in Ruby on Rails ...)
-	{DSA-3464-1}
+	{DSA-3464-1 DLA-604-1}
 	- rails 2:4.2.5.1-1
 	[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
 	[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
@@ -20688,7 +20688,7 @@
 	- ruby-actionpack-2.3 <removed>
 	[wheezy] - ruby-actionpack-2.3 <end-of-life>
 CVE-2016-0751 (actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in ...)
-	{DSA-3464-1}
+	{DSA-3464-1 DLA-604-1}
 	- rails 2:4.2.5.1-1
 	[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
 	[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
@@ -25767,7 +25767,7 @@
 	- ruby-activerecord-2.3 <removed>
 	[wheezy] - ruby-activerecord-2.3 <end-of-life>
 CVE-2015-7576 (The http_basic_authenticate_with method in ...)
-	{DSA-3464-1}
+	{DSA-3464-1 DLA-604-1}
 	- rails 2:4.2.5.1-1
 	[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
 	[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)




More information about the Secure-testing-commits mailing list