Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 1 Mar 2013 10:10:30 -0800
From: Reed Loden <reed@...dloden.com>
To: oss-security@...ts.openwall.com
Cc: meissner@...e.de
Subject: Re: CVE Request: various gems in aftermath of
 rubygem actionpack issue

On Fri, 1 Mar 2013 17:43:01 +0100
Marcus Meissner <meissner@...e.de> wrote:

> I think these rubygem updates have got no CVE entry/ies yet:
> https://support.cloud.engineyard.com/entries/22915701-january-14-2013-security-vulnerabilities-httparty-extlib-crack-nori-update-these-gems-immediately

nori got assigned CVE-2013-0285. I don't see any assignments on the
list for httparty, extlib, or crack, though.

Also see https://github.com/rubysec/ruby-advisory-db/issues/7

~reed

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.