thr3ads.net - Secure testing commits - [Secure-testing-commits] r12288

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Nico Golde

2009-Jul-06 09:28 UTC

[Secure-testing-commits] r12288 - data/CVE

Author: nion
Date: 2009-07-06 09:28:16 +0000 (Mon, 06 Jul 2009)
New Revision: 12288

Modified:
   data/CVE/list
Log:
rails not vulnerable in debian

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-07-06 09:19:16 UTC (rev 12287)
+++ data/CVE/list	2009-07-06 09:28:16 UTC (rev 12288)
@@ -1,5 +1,7 @@
 CVE-2009-XXXX [rails: password bypass]
-	- rails <unfixed> (high; bug #535896)
+	- rails <not-affected> (high; bug #535896)
+	TODO: check after 2.3.x upload
+	NOTE: vulnerable code not present, introduced in 2.3.x
 	NOTE: to be fixed in upstream version 2.3.3
 CVE-2009-XXXX [php: segfaults on corrupted jpeg files]
 	- php5 <unfixed> (low; bug #535888)

Secure testing commits - Jul 2009 - r12288 - data/CVE

[Secure-testing-commits] r12288 - data/CVE