[Git][security-tracker-team/security-tracker][master] Correct overall status for CVE-2018-16477/rails
Salvatore Bonaccorso
carnil at debian.org
Tue Nov 27 22:09:38 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
198f6dcf by Salvatore Bonaccorso at 2018-11-27T22:08:17Z
Correct overall status for CVE-2018-16477/rails
5.2.0 is only present in experimental.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10652,8 +10652,7 @@ CVE-2018-16478
RESERVED
CVE-2018-16477 [Bypass vulnerability in Active Storage]
RESERVED
- - rails <unfixed>
- [stretch] - rails <not-affected> (Only affects >= 5.2.0; vulnerable code not present)
+ - rails <not-affected> (Only affects >= 5.2.0; vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/27/5
CVE-2018-16476 [Broken Access Control vulnerability in Active Job]
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/198f6dcfab4d7ba21ed6463969f5300b9a2c4e92
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/198f6dcfab4d7ba21ed6463969f5300b9a2c4e92
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181127/a2874c4d/attachment.html>
More information about the debian-security-tracker-commits
mailing list