Author: lamby
Date: 2016-05-14 15:33:37 +0000 (Sat, 14 May 2016)
New Revision: 41721
Modified:
data/CVE/list
Log:
Triage ruby-activesupport-3.2 in Wheezy LTS
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-14 14:41:52 UTC (rev 41720)
+++ data/CVE/list 2016-05-14 15:33:37 UTC (rev 41721)
@@ -17428,6 +17428,7 @@
- ruby-actionpack-2.3 <removed>
[wheezy] - ruby-actionpack-2.3 <end-of-life>
- ruby-activesupport-3.2 <removed>
+ [wheezy] - ruby-activesupport-3.2 <end-of-life>
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life>
CVE-2015-7575 (Mozilla Network Security Services (NSS) before 3.20.2, as used
in ...)
@@ -29710,6 +29711,7 @@
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a
transitional package)
- ruby-activesupport-3.2 <removed>
+ [wheezy] - ruby-activesupport-3.2 <end-of-life>
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life>
(https://lists.debian.org/debian-security-announce/2014/msg00164.html)
CVE-2015-3226 (Cross-site scripting (XSS) vulnerability in json/encoding.rb in
Active ...)
@@ -29718,6 +29720,7 @@
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a
transitional package)
- ruby-activesupport-3.2 <removed>
+ [wheezy] - ruby-activesupport-3.2 <end-of-life>
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life>
(https://lists.debian.org/debian-security-announce/2014/msg00164.html)
CVE-2015-3225 (lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2,
as used ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
