Author: fgeek-guest Date: 2012-05-31 20:43:09 +0000 (Thu, 31 May 2012) New Revision: 19394 Modified: data/CVE/list Log: CVE-2012-2661/#675396 updates. Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-05-31 20:23:26 UTC (rev 19393) +++ data/CVE/list 2012-05-31 20:43:09 UTC (rev 19394) @@ -603,9 +603,10 @@ RESERVED CVE-2012-2662 RESERVED -CVE-2012-2661 (SQL Injection Vulnerability in Ruby on Rails) +CVE-2012-2661 (SQL Injection Vulnerability in Ruby on Rails in Active Record) RESERVED - - rails (bug #675396) + [squeeze] - ruby-activerecord <not-affected> + - ruby-activerecord-3.2 <unfixed> (bug #675396) NOTE: Versions Affected: 3.0.0 and ALL later versions. Not affected: 2.3.14. Fixed Versions: 3.2.4, 3.1.5, 3.0.13 NOTE: http://seclists.org/oss-sec/2012/q2/448 CVE-2012-2660