[Secure-testing-commits] r24553 - data/CVE

Salvatore Bonaccorso Tue, 03 Dec 2013 13:46:29 -0800

Author: carnil
Date: 2013-12-03 21:45:59 +0000 (Tue, 03 Dec 2013)
New Revision: 24553


Modified:
   data/CVE/list
Log:
Add CVE-2013-6416

NOTE: as with the previous CVE's I have left the TODO item, as reporting
to the BTS is missing yet.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-12-03 21:42:15 UTC (rev 24552)
+++ data/CVE/list       2013-12-03 21:45:59 UTC (rev 24553)
@@ -1095,8 +1095,14 @@
        RESERVED
 CVE-2013-6417
        RESERVED
-CVE-2013-6416
+CVE-2013-6416 [XSS]
        RESERVED
+       - rails-4.0 <unfixed>
+       - ruby-actionpack-3.2 <not-affected> (vulnerable code not present)
+       - ruby-actionpack-2.3 <not-affected> (vulnerable coee not present)
+       - rails 2.3.14.1
+       NOTE: Starting with 2.3.14.1 rails is a transition package
+       TODO: check, report to BTS
 CVE-2013-6415 [XSS]
        RESERVED
        - rails-4.0 <unfixed>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r24553 - data/CVE

Reply via email to