[Git][security-tracker-team/security-tracker][master] Add CVE-2018-16471/ruby-rack

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b98befc by Salvatore Bonaccorso at 2018-11-05T20:25:26Z
Add CVE-2018-16471/ruby-rack

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6048,8 +6048,12 @@ CVE-2018-16473
 	RESERVED
 CVE-2018-16472
 	RESERVED
-CVE-2018-16471
+CVE-2018-16471 [Possible XSS vulnerability in Rack]
 	RESERVED
+	- ruby-rack <unfixed>
+	NOTE: Fixed by: https://github.com/rack/rack/commit/e5d58031b766e49687157b45edab1b8457d972bd (master)
+	NOTE: Fixed by: https://github.com/rack/rack/commit/8376dd11e6526a53432ee59b7a5d092bda9fc901 (2.0.6)
+	NOTE: Fixed by: https://github.com/rack/rack/commit/97ca63d87d88b4088fb1995b14103d4fe6a5e594 (1.6.11)
 CVE-2018-16470 [Possible DoS vulnerability in Rack]
 	RESERVED
 	- ruby-rack <not-affected> (Only affects >= 2.0.4)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b98befc684ec432075856ace6fc1d65a458cd8a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b98befc684ec432075856ace6fc1d65a458cd8a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181105/f8c8a9d9/attachment.html>