[Secure-testing-commits] r47492 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Dec 27 14:27:37 UTC 2016
Author: carnil
Date: 2016-12-27 14:27:37 +0000 (Tue, 27 Dec 2016)
New Revision: 47492
Modified:
data/CVE/list
Log:
Track fixes included in unstable for ruby-sidekiq
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-27 13:42:20 UTC (rev 47491)
+++ data/CVE/list 2016-12-27 14:27:37 UTC (rev 47492)
@@ -48735,8 +48735,7 @@
NOTE: Testcase: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=c261018477f971d274dee305d27f8bff4afd4238
NOTE: squeeze-tagged entry as temporary workaround until CVE assigned for issue solved in DLA-291-1
CVE-2015-XXXX [Sidekiq::Web lacks CSRF protection]
- [experimental] - ruby-sidekiq 3.4.2~dfsg-1
- - ruby-sidekiq <unfixed>
+ - ruby-sidekiq 3.4.2~dfsg-3
[jessie] - ruby-sidekiq <no-dsa> (Minor issue)
NOTE: https://github.com/mperham/sidekiq/pull/2422
NOTE: Fixed by https://github.com/mperham/sidekiq/commit/cf3c43b2410c4573e05ac119494e41115f4140ad
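Review bot: The new `- ruby-sidekiq 3.4.2~dfsg-3` line in the Sidekiq::Web CSRF entry has no NOTE saying what makes that upload the fixed one. The entry's NOTEs point only at the upstream pull request and commit, and the log message says only "Track fixes included in unstable". A short NOTE naming the upload or changelog entry that carried the fix would let someone auditing the list check the version without going through the package history.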
@@ -48745,16 +48744,14 @@
NOTE: Follow-up commit not included in 3.4.2~dfsg-1
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/01/2
CVE-2015-XXXX [XSS via job arguments display class in Sidekiq::Web]
- [experimental] - ruby-sidekiq 3.4.2~dfsg-1
- - ruby-sidekiq <unfixed>
+ - ruby-sidekiq 3.4.2~dfsg-3
[jessie] - ruby-sidekiq <no-dsa> (Minor issue)
NOTE: https://github.com/mperham/sidekiq/pull/2309
NOTE: Fixed by https://github.com/mperham/sidekiq/commit/54766f336620ca0ce3b0b87a7a56382496e64b61
NOTE: Fix released in sidekiq 3.4.0
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/01/2
CVE-2015-XXXX [XSS via queue name in Sidekiq::Web]
- [experimental] - ruby-sidekiq 3.4.2~dfsg-1
- - ruby-sidekiq <unfixed>
+ - ruby-sidekiq 3.4.2~dfsg-3
[jessie] - ruby-sidekiq <no-dsa> (Minor issue)
NOTE: https://github.com/mperham/sidekiq/issues/2330
NOTE: Fixed by https://github.com/mperham/sidekiq/commit/2178d66b6686fbf4430223c34c184a64c9906828
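Review bot: The context line `NOTE: Follow-up commit not included in 3.4.2~dfsg-1` at the top of this hunk is left unchanged, although every `[experimental] - ruby-sidekiq 3.4.2~dfsg-1` line in the patch is removed, so it now refers to a version the entries no longer mention. If the follow-up commit is in 3.4.2~dfsg-3, reword the NOTE to say so. In the job-arguments XSS entry, the NOTE says the fix was released in sidekiq 3.4.0, so it is worth confirming that 3.4.2~dfsg-3, and not an earlier 3.4.2 upload, is the first fixed version in unstable.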