[Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-16470/ruby-rack

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7f264454 by Salvatore Bonaccorso at 2018-11-05T20:29:21Z
Update status for CVE-2018-16470/ruby-rack

Strictly speaking this is not needed as we only track vulnerability
issues up to unstable. But in this case it might be interesant to track
the status for experimental for when ruby-rack in more recent version is
going to be uploaded to unstable.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6056,6 +6056,7 @@ CVE-2018-16471 [Possible XSS vulnerability in Rack]
 	NOTE: Fixed by: https://github.com/rack/rack/commit/97ca63d87d88b4088fb1995b14103d4fe6a5e594 (1.6.11)
 CVE-2018-16470 [Possible DoS vulnerability in Rack]
 	RESERVED
+	[experimental] - ruby-rack <unfixed> (bug #913003)
 	- ruby-rack <not-affected> (Only affects >= 2.0.4)
 	NOTE: Introduced by: https://github.com/rack/rack/commit/c43217a81917de03aa6ceb1aa485ae69b8bb4598 (2.0.4)
 	NOTE: Fixed by: https://github.com/rack/rack/commit/37c1160b2360074d20858792f23a7eb3afeabebd (2.0.6)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7f264454c8551c5d3a9c685166fca63c95baa066

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7f264454c8551c5d3a9c685166fca63c95baa066
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181105/021bef79/attachment.html>