Author: nion Date: 2008-10-02 12:02:01 +0000 (Thu, 02 Oct 2008) New Revision: 9940 Modified: data/CVE/list Log: CVE-2008-4094 fixed in rails 2.1.0-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-02 12:00:32 UTC (rev 9939) +++ data/CVE/list 2008-10-02 12:02:01 UTC (rev 9940) @@ -593,7 +593,9 @@ CVE-2008-4095 (Multiple unspecified vulnerabilities in Flip4Mac WMV before 2.2.1 have ...) NOT-FOR-US: Flip4Mac WMV CVE-2008-4094 (Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 ...) - - rails <unfixed> (bug #500791) + - rails 2.1.0-1 (medium; bug #500791) + NOTE: in mysql this only allows information disclosure as multiline statements are + NOTE: not allowed by default CVE-2008-4093 (SQL injection vulnerability in memberstats.php in YourOwnBux 3.1 and ...) NOT-FOR-US: YourOwnBux CVE-2008-4092 (SQL injection vulnerability in printfeature.php in myPHPNuke (MPN) ...)