Author: fgeek-guest Date: 2012-06-01 06:27:04 +0000 (Fri, 01 Jun 2012) New Revision: 19397 Modified: data/CVE/list Log: Added new Ruby on Rails Active Record issue CVE-2012-2660. Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-05-31 21:26:09 UTC (rev 19396) +++ data/CVE/list 2012-06-01 06:27:04 UTC (rev 19397) @@ -909,8 +909,12 @@ - ruby-activerecord-3.2 <unfixed> (bug #675396) NOTE: Versions Affected: 3.0.0 and ALL later versions. Not affected: 2.3.14. Fixed Versions: 3.2.4, 3.1.5, 3.0.13 NOTE: http://seclists.org/oss-sec/2012/q2/448 -CVE-2012-2660 +CVE-2012-2660 (Unsafe Query Generation Risk in Ruby on Rails in Active Record) RESERVED + [squeeze] - ruby-activerecord <not-affected> + - ruby-activerecord-3.2 <unfixed> + NOTE: Versions affected: all, fixed in versions 3.2.4, 3.1.5, 3.0.13 + NOTE: http://seclists.org/oss-sec/2012/q2/449 CVE-2012-2659 RESERVED CVE-2012-2658