Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 8 Dec 2014 15:28:12 -0800
From: David Cramer <david@...sentry.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request

(Pardon my complete lack of any clue how this process works) 

Now seems like a good time to formalize our internal policy of how we do security releases, and while we might have already butchered this one, it was suggested we attempt to get a CVE assigned.

Software name and optionally vendor name
raven-ruby (part of Sentry)

Type of vulnerability
DoS

Link to vulnerable source code or fix
https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fgetsentry%2Fraven-ruby%2Fcommit%2F477ee93a3f735be33bc1e726820654cdf6e22d8f&sa=D&sntz=1&usg=AFQjCNHdtqW_RuP8AZJu6fsevXS354EhrQ

Link to security advisory
https://groups.google.com/forum/#!topic/getsentry/Cz5bih0ZY1U

Affected version(s)
0.6.0 and newer. Likely this translates to every single version anyone uses.

Software version(s) fixed (if available)
0.12.2

Thanks!

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.