Date: Mon, 8 Dec 2014 15:28:12 -0800 From: David Cramer <david@...sentry.com> To: oss-security@...ts.openwall.com Subject: CVE Request (Pardon my complete lack of any clue how this process works) Now seems like a good time to formalize our internal policy of how we do security releases, and while we might have already butchered this one, it was suggested we attempt to get a CVE assigned. Software name and optionally vendor name raven-ruby (part of Sentry) Type of vulnerability DoS Link to vulnerable source code or fix https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fgetsentry%2Fraven-ruby%2Fcommit%2F477ee93a3f735be33bc1e726820654cdf6e22d8f&sa=D&sntz=1&usg=AFQjCNHdtqW_RuP8AZJu6fsevXS354EhrQ Link to security advisory https://groups.google.com/forum/#!topic/getsentry/Cz5bih0ZY1U Affected version(s) 0.6.0 and newer. Likely this translates to every single version anyone uses. Software version(s) fixed (if available) 0.12.2 Thanks!
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.