[Secure-testing-commits] r39513 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Feb 6 10:08:13 UTC 2016
Author: carnil
Date: 2016-02-06 10:08:13 +0000 (Sat, 06 Feb 2016)
New Revision: 39513
Modified:
data/CVE/list
Log:
CVE-2015-3226 fixed in rails 4.2.2, first version in unstable was 2:4.2.4-2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-06 09:10:15 UTC (rev 39512)
+++ data/CVE/list 2016-02-06 10:08:13 UTC (rev 39513)
@@ -21440,7 +21440,7 @@
[wheezy] - ruby-activesupport-2.3 <end-of-life> (https://lists.debian.org/debian-security-announce/2014/msg00164.html)
CVE-2015-3226 (Cross-site scripting (XSS) vulnerability in json/encoding.rb in Active ...)
{DSA-3464-1}
- - rails <unfixed> (bug #790486)
+ - rails 2:4.2.4-2 (bug #790486)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
- ruby-activesupport-3.2 <removed>
More information about the Secure-testing-commits
mailing list