Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 1 Mar 2013 10:10:30 -0800
From: Reed Loden <reed@...dloden.com>
To: oss-security@...ts.openwall.com
Cc: meissner@...e.de
Subject: Re: CVE Request: various gems in aftermath of
 rubygem actionpack issue

On Fri, 1 Mar 2013 17:43:01 +0100
Marcus Meissner <meissner@...e.de> wrote:

> I think these rubygem updates have got no CVE entry/ies yet:
> https://support.cloud.engineyard.com/entries/22915701-january-14-2013-security-vulnerabilities-httparty-extlib-crack-nori-update-these-gems-immediately

nori got assigned CVE-2013-0285. I don't see any assignments on the
list for httparty, extlib, or crack, though.

Also see https://github.com/rubysec/ruby-advisory-db/issues/7

~reed

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ