Author: fgeek-guest Date: 2015-12-12 10:32:52 +0000 (Sat, 12 Dec 2015) New Revision: 38239
Modified: data/CVE/list Log: add ruby-mail smtp injection issue Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-12-12 10:28:34 UTC (rev 38238) +++ data/CVE/list 2015-12-12 10:32:52 UTC (rev 38239) @@ -1,3 +1,9 @@ +CVE-2015-XXXX [ruby-mail: SMTP injection via recipient email addresses] + - ruby-mail <unfixed> + NOTE: https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83 + NOTE: CVE request: http://www.openwall.com/lists/oss-security/2015/12/11/3 + NOTE: According to CVE request this issue is fixed in 2.6.0 + TODO: check CVE-2015-XXXX [quassel: op command denial of service issue] - quassel <unfixed> NOTE: https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
