[Secure-testing-commits] r39514 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Feb 6 10:11:03 UTC 2016
Author: carnil
Date: 2016-02-06 10:11:03 +0000 (Sat, 06 Feb 2016)
New Revision: 39514
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2015-3227/rails
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-06 10:08:13 UTC (rev 39513)
+++ data/CVE/list 2016-02-06 10:11:03 UTC (rev 39514)
@@ -21432,7 +21432,7 @@
NOTE: File to reproduce segfault with ps2pdf: http://bugs.ghostscript.com/attachment.cgi?id=11776
CVE-2015-3227 (The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby ...)
{DSA-3464-1}
- - rails <unfixed> (bug #790487)
+ - rails 2:4.2.4-2 (bug #790487)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
- ruby-activesupport-3.2 <removed>
More information about the Secure-testing-commits
mailing list