Your message dated Wed, 8 Apr 2015 12:12:02 +0200
with message-id <[email protected]>
and subject line Re: #668977: CVE-2012-1098: Cross-site scripting (XSS)
vulnerability in Ruby on Rails 3.0.x [check if applies to RoR 2.3]
has caused the Debian Bug report #668977,
regarding CVE-2012-1098: Cross-site scripting (XSS) vulnerability in Ruby on
Rails 3.0.x [check if applies to RoR 2.3]
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
668977: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668977
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: rails
Severity: grave
Tags: security
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1098
http://groups.google.com/group/rubyonrails-security/browse_thread/thread/edd28f1e3d04e913?pli=1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099:
http://groups.google.com/group/rubyonrails-security/browse_thread/thread/9da0c515a6c4664
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
AFAICT, the version in wheezy has been fixed, and jessie and sid
contain much newer versions (4.x) that should have inherited the fix
upstream a long time ago.
Closing.
--
,''`. Christian Hofstaedtler <[email protected]>
: :' : Debian Developer
`. `' 7D1A CFFA D9E0 806C 9C4C D392 5C13 D6DB 9305 2E03
`-
pgp9Ocuxf0T07.pgp
Description: PGP signature
--- End Message ---
_______________________________________________
Pkg-ruby-extras-maintainers mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
