2013-01-16 09:05:05 |
Christian Kuersteiner |
bug |
|
|
added bug |
2013-01-16 09:05:15 |
Christian Kuersteiner |
information type |
Private Security |
Public Security |
|
2013-01-16 09:07:07 |
Christian Kuersteiner |
cve linked |
|
2013-0155 |
|
2013-01-17 09:07:32 |
Christian Kuersteiner |
attachment added |
|
lp1100188-quantal-3.2.debdiff https://bugs.launchpad.net/ubuntu/+source/ruby-activerecord-3.2/+bug/1100188/+attachment/3485936/+files/lp1100188-quantal-3.2.debdiff |
|
2013-01-17 09:08:17 |
Christian Kuersteiner |
ruby-activerecord-3.2 (Ubuntu): status |
New |
Confirmed |
|
2013-01-17 09:09:01 |
Christian Kuersteiner |
bug |
|
|
added subscriber Ubuntu Security Sponsors Team |
2013-01-17 15:25:32 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Lucid |
|
2013-01-17 15:25:32 |
Jamie Strandboge |
bug task added |
|
ruby-activerecord-3.2 (Ubuntu Lucid) |
|
2013-01-17 15:25:32 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Oneiric |
|
2013-01-17 15:25:32 |
Jamie Strandboge |
bug task added |
|
ruby-activerecord-3.2 (Ubuntu Oneiric) |
|
2013-01-17 15:25:32 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Quantal |
|
2013-01-17 15:25:32 |
Jamie Strandboge |
bug task added |
|
ruby-activerecord-3.2 (Ubuntu Quantal) |
|
2013-01-17 15:25:32 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Precise |
|
2013-01-17 15:25:32 |
Jamie Strandboge |
bug task added |
|
ruby-activerecord-3.2 (Ubuntu Precise) |
|
2013-01-17 15:25:32 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Raring |
|
2013-01-17 15:25:32 |
Jamie Strandboge |
bug task added |
|
ruby-activerecord-3.2 (Ubuntu Raring) |
|
2013-01-17 15:25:48 |
Jamie Strandboge |
bug task added |
|
rails (Ubuntu) |
|
2013-01-17 15:26:24 |
Jamie Strandboge |
bug task added |
|
ruby-activerecord-2.3 (Ubuntu) |
|
2013-01-17 15:26:39 |
Jamie Strandboge |
bug task added |
|
ruby-actionpack-2.3 (Ubuntu) |
|
2013-01-17 15:26:59 |
Jamie Strandboge |
bug task added |
|
ruby-actionpack-3.2 (Ubuntu) |
|
2013-01-17 15:27:27 |
Jamie Strandboge |
rails (Ubuntu Lucid): status |
New |
Triaged |
|
2013-01-17 15:27:49 |
Jamie Strandboge |
ruby-actionpack-2.3 (Ubuntu Lucid): status |
New |
Invalid |
|
2013-01-17 15:27:59 |
Jamie Strandboge |
ruby-actionpack-3.2 (Ubuntu Lucid): status |
New |
Invalid |
|
2013-01-17 15:28:16 |
Jamie Strandboge |
ruby-activerecord-2.3 (Ubuntu Lucid): status |
New |
Invalid |
|
2013-01-17 15:28:36 |
Jamie Strandboge |
ruby-activerecord-3.2 (Ubuntu Lucid): status |
New |
Invalid |
|
2013-01-17 15:29:18 |
Jamie Strandboge |
rails (Ubuntu Oneiric): status |
New |
Invalid |
|
2013-01-17 15:29:20 |
Jamie Strandboge |
rails (Ubuntu Precise): status |
New |
Invalid |
|
2013-01-17 15:29:24 |
Jamie Strandboge |
rails (Ubuntu Quantal): status |
New |
Invalid |
|
2013-01-17 15:29:26 |
Jamie Strandboge |
rails (Ubuntu Raring): status |
New |
Invalid |
|
2013-01-17 15:29:49 |
Jamie Strandboge |
ruby-actionpack-2.3 (Ubuntu Oneiric): status |
New |
Invalid |
|
2013-01-17 15:29:52 |
Jamie Strandboge |
ruby-actionpack-2.3 (Ubuntu Precise): status |
New |
Invalid |
|
2013-01-17 15:29:55 |
Jamie Strandboge |
ruby-actionpack-2.3 (Ubuntu Quantal): status |
New |
Invalid |
|
2013-01-17 15:29:58 |
Jamie Strandboge |
ruby-actionpack-2.3 (Ubuntu Raring): status |
New |
Invalid |
|
2013-01-17 15:31:17 |
Jamie Strandboge |
ruby-actionpack-3.2 (Ubuntu Oneiric): status |
New |
Triaged |
|
2013-01-17 15:31:20 |
Jamie Strandboge |
ruby-actionpack-3.2 (Ubuntu Precise): status |
New |
Triaged |
|
2013-01-17 15:31:22 |
Jamie Strandboge |
ruby-actionpack-3.2 (Ubuntu Quantal): status |
New |
Triaged |
|
2013-01-17 15:32:00 |
Jamie Strandboge |
ruby-actionpack-3.2 (Ubuntu Raring): status |
New |
Fix Released |
|
2013-01-17 15:32:21 |
Jamie Strandboge |
description |
There is a vulnerability when Active Record is used in conjunction with JSON parameter parsing.
Versions Affected: 3.x series
Not affected: 2.x series
See also: http://www.openwall.com/lists/oss-security/2013/01/08/13 |
There is a vulnerability when Active Record is used in conjunction with JSON parameter parsing.
See also: http://www.openwall.com/lists/oss-security/2013/01/08/13 |
|
2013-01-17 15:33:02 |
Jamie Strandboge |
ruby-activerecord-2.3 (Ubuntu Oneiric): status |
New |
Triaged |
|
2013-01-17 15:33:04 |
Jamie Strandboge |
ruby-activerecord-2.3 (Ubuntu Precise): status |
New |
Triaged |
|
2013-01-17 15:33:07 |
Jamie Strandboge |
ruby-activerecord-2.3 (Ubuntu Quantal): status |
New |
Triaged |
|
2013-01-17 15:33:09 |
Jamie Strandboge |
ruby-activerecord-2.3 (Ubuntu Raring): status |
New |
Triaged |
|
2013-01-17 15:34:49 |
Jamie Strandboge |
ruby-actionpack-3.2 (Ubuntu Oneiric): status |
Triaged |
Invalid |
|
2013-01-17 15:34:51 |
Jamie Strandboge |
ruby-actionpack-3.2 (Ubuntu Precise): status |
Triaged |
Invalid |
|
2013-01-17 15:35:42 |
Jamie Strandboge |
ruby-activerecord-3.2 (Ubuntu Oneiric): status |
New |
Invalid |
|
2013-01-17 15:35:47 |
Jamie Strandboge |
ruby-activerecord-3.2 (Ubuntu Precise): status |
New |
Invalid |
|
2013-01-17 15:41:34 |
Jamie Strandboge |
ruby-activerecord-3.2 (Ubuntu Raring): status |
Confirmed |
Fix Released |
|
2013-01-17 15:41:56 |
Jamie Strandboge |
ruby-activerecord-3.2 (Ubuntu Quantal): status |
New |
Triaged |
|
2013-01-17 15:43:31 |
Jamie Strandboge |
ruby-activerecord-2.3 (Ubuntu Quantal): assignee |
|
Christian Kuersteiner (ckuerste) |
|
2013-01-17 15:53:39 |
Jamie Strandboge |
ruby-activerecord-2.3 (Ubuntu Raring): status |
Triaged |
Fix Released |
|
2013-01-17 21:18:14 |
Jamie Strandboge |
attachment added |
|
fix for quantal ruby-actionpack-3.2 https://bugs.launchpad.net/ubuntu/+source/ruby-activerecord-3.2/+bug/1100188/+attachment/3486595/+files/lp1100162-quantal.debdiff |
|
2013-01-17 21:19:16 |
Jamie Strandboge |
ruby-actionpack-3.2 (Ubuntu Quantal): assignee |
|
Christian Kuersteiner (ckuerste) |
|
2013-01-18 13:09:55 |
Marc Deslauriers |
ruby-activerecord-3.2 (Ubuntu Quantal): status |
Triaged |
Fix Committed |
|
2013-01-18 13:10:09 |
Marc Deslauriers |
ruby-actionpack-3.2 (Ubuntu Quantal): status |
Triaged |
Fix Committed |
|
2013-01-18 13:39:47 |
Marc Deslauriers |
ruby-activerecord-2.3 (Ubuntu Oneiric): status |
Triaged |
Fix Committed |
|
2013-01-18 13:40:00 |
Marc Deslauriers |
ruby-activerecord-2.3 (Ubuntu Precise): status |
Triaged |
Fix Committed |
|
2013-01-18 13:40:17 |
Marc Deslauriers |
ruby-activerecord-2.3 (Ubuntu Quantal): status |
Triaged |
Fix Committed |
|
2013-01-18 13:40:17 |
Marc Deslauriers |
ruby-activerecord-2.3 (Ubuntu Quantal): assignee |
Christian Kuersteiner (ckuerste) |
|
|
2013-01-18 14:55:13 |
Launchpad Janitor |
ruby-activerecord-2.3 (Ubuntu Precise): status |
Fix Committed |
Fix Released |
|
2013-01-18 14:56:45 |
Launchpad Janitor |
ruby-activerecord-2.3 (Ubuntu Quantal): status |
Fix Committed |
Fix Released |
|
2013-01-18 14:56:50 |
Launchpad Janitor |
ruby-activerecord-3.2 (Ubuntu Quantal): status |
Fix Committed |
Fix Released |
|
2013-01-18 14:56:54 |
Launchpad Janitor |
ruby-activerecord-2.3 (Ubuntu Oneiric): status |
Fix Committed |
Fix Released |
|
2013-01-18 15:14:28 |
Launchpad Janitor |
branch linked |
|
lp:~ubuntu-branches/ubuntu/quantal/ruby-activerecord-3.2/quantal-security |
|
2013-01-18 15:17:09 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/oneiric-security/ruby-activerecord-2.3 |
|
2013-01-18 15:17:17 |
Launchpad Janitor |
branch linked |
|
lp:~ubuntu-branches/ubuntu/precise/ruby-activerecord-2.3/precise-security |
|
2013-01-18 15:17:30 |
Launchpad Janitor |
branch linked |
|
lp:~ubuntu-branches/ubuntu/quantal/ruby-activerecord-2.3/quantal-security |
|
2013-01-18 15:27:55 |
Marc Deslauriers |
ruby-actionpack-3.2 (Ubuntu Quantal): status |
Fix Committed |
Fix Released |
|
2013-01-18 15:29:37 |
Marc Deslauriers |
removed subscriber Ubuntu Security Sponsors Team |
|
|
|
2015-06-17 12:19:32 |
Rolf Leggewie |
rails (Ubuntu Lucid): status |
Triaged |
Won't Fix |
|