oss-sec mailing list archives
CVE Request
From: David Cramer <david () getsentry com>
Date: Mon, 8 Dec 2014 15:28:12 -0800
(Pardon my complete lack of any clue how this process works) Now seems like a good time to formalize our internal policy of how we do security releases, and while we might have already butchered this one, it was suggested we attempt to get a CVE assigned. Software name and optionally vendor name raven-ruby (part of Sentry) Type of vulnerability DoS Link to vulnerable source code or fix https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fgetsentry%2Fraven-ruby%2Fcommit%2F477ee93a3f735be33bc1e726820654cdf6e22d8f&sa=D&sntz=1&usg=AFQjCNHdtqW_RuP8AZJu6fsevXS354EhrQ Link to security advisory https://groups.google.com/forum/#!topic/getsentry/Cz5bih0ZY1U Affected version(s) 0.6.0 and newer. Likely this translates to every single version anyone uses. Software version(s) fixed (if available) 0.12.2 Thanks!
Current thread:
- CVE Request David Cramer (Dec 08)
- Re: CVE Request Solar Designer (Dec 08)
- Re: CVE Request David Cramer (Dec 08)
- Re: CVE Request Solar Designer (Dec 08)