[Secure-testing-commits] r39175 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jan 25 21:32:26 UTC 2016
Author: carnil
Date: 2016-01-25 21:32:26 +0000 (Mon, 25 Jan 2016)
New Revision: 39175
Modified:
data/CVE/list
Log:
Add CVE-2015-7581, kept TODO
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-25 21:30:29 UTC (rev 39174)
+++ data/CVE/list 2016-01-25 21:32:26 UTC (rev 39175)
@@ -8464,8 +8464,13 @@
RESERVED
CVE-2015-7582
RESERVED
-CVE-2015-7581
+CVE-2015-7581 [Object leak vulnerability for wildcard controller routes in Action Pack]
RESERVED
+ - rails <unfixed>
+ [wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
+ - ruby-actionpack-3.2 <removed>
+ - ruby-actionpack-2.3 <removed>
+ TODO: check
CVE-2015-7580 [Possible XSS vulnerability in rails-html-sanitizer]
RESERVED
- ruby-rails-html-sanitizer <unfixed>
More information about the Secure-testing-commits
mailing list