[Secure-testing-commits] r39215 - data/CVE

Tue Jan 26 21:06:28 UTC 2016

Author: jmm
Date: 2016-01-26 21:06:28 +0000 (Tue, 26 Jan 2016)
New Revision: 39215

Modified:
   data/CVE/list
Log:
ruby-rails-html-sanitizer bug


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-01-26 21:03:45 UTC (rev 39214)
+++ data/CVE/list	2016-01-26 21:06:28 UTC (rev 39215)
@@ -8577,14 +8577,13 @@
 	TODO: check
 CVE-2015-7580 [Possible XSS vulnerability in rails-html-sanitizer]
 	RESERVED
-	- ruby-rails-html-sanitizer <unfixed>
+	- ruby-rails-html-sanitizer <unfixed> (bug #812814)
 CVE-2015-7579 [XSS vulnerability in rails-html-sanitizer]
 	RESERVED
-	- ruby-rails-html-sanitizer <unfixed>
+	- ruby-rails-html-sanitizer <unfixed> (bug #812814)
 CVE-2015-7578 [Possible XSS vulnerability in rails-html-sanitizer]
 	RESERVED
-	- ruby-rails-html-sanitizer <unfixed>
-	TODO: check
+	- ruby-rails-html-sanitizer <unfixed> (bug #812814)
 CVE-2015-7577 [Nested attributes rejection proc bypass in Active Record]
 	RESERVED
 	- rails <unfixed>


