oss-sec mailing list archives

Re: CVE Request

From: cve-assign () mitre org
Date: Sat, 3 Jan 2015 18:55:53 -0500 (EST)


On Mon, 8 Dec 2014, David Cramer wrote:

Software name and optionally vendor name
raven-ruby (part of Sentry)

Type of vulnerability
DoS

Link to vulnerable source code or fix
https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fgetsentry%2Fraven-ruby%2Fcommit%2F477ee93a3f735be33bc1e726820654cdf6e22d8f&sa=D&sntz=1&usg=AFQjCNHdtqW_RuP8AZJu6fsevXS354EhrQ

Link to security advisory
https://groups.google.com/forum/#!topic/getsentry/Cz5bih0ZY1U

Affected version(s)
0.6.0 and newer. Likely this translates to every single version anyone uses.

Software version(s) fixed (if available)
0.12.2


Use CVE-2014-9490.

---

CVE assignment team, MITRE CVE Numbering Authority M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]

Current thread:

Re: CVE Request cve-assign (Jan 03)
- <Possible follow-ups>
- CVE request Daniel Strøm (Jan 08)
  - Re: CVE request cve-assign (Jan 11)
    - Re: CVE request Daniel Strøm (Jan 11)
- CVE request Galen Charlton (Mar 03)
  - Re: CVE request - Evergreen cve-assign (Mar 03)
    - Re: CVE request - Evergreen Galen Charlton (Mar 03)
  - Re: CVE request - Evergreen cve-assign (Mar 03)