rails issue fixed in lenny, etch support discontinued

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@12820 e39458fd-73e7-0310-bf30-c45bca0a0e42

2 files changed, 5 insertions, 0 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 35e4aa6a71..34f97ecbd9 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -300,6 +300,8 @@ CVE-2009-3087 (Unspecified vulnerability in nserver.exe in the server in IBM Lot
 	NOT-FOR-US: IBM Lotus Domino
 CVE-2009-3086 (A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x ...)
 	- rails 2.2.3-1 (low; bug #545063)
+	[etch] - rails <no-dsa> (Minor issue)
+	[lenny] - rails <no-dsa> (Minor issue)
 CVE-2009-3085 (The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not ...)
 	- pidgin 2.6.2-1 (low)
 CVE-2009-3084 (The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c ...)
@@ -602,6 +604,7 @@ CVE-2009-3010 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 p
 	- iceweasel <unfixed> (unimportant)
 CVE-2009-3009 (Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before ...)
 	- rails 2.2.3-1 (low; bug #545063)
+	[etch] - rails <no-dsa> (Unsupported)
 CVE-2009-3008 (K-Meleon 1.5.3 allows context-dependent attackers to spoof the address ...)
 	NOT-FOR-US: K-Meleon	
 CVE-2009-3007 (Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow ...)
diff --git a/data/package-tags b/data/package-tags
index 0e9cc723c4..e8210e8b81 100644
--- a/data/package-tags
+++ b/data/package-tags
@@ -22,3 +22,5 @@
 [lenny] ltp <limited-support> (Testsuite, only supported on non-production non-multiuser systems)
 
 [sid] vmware-package <unspported> (Only a build script for native upstream tarballs, not supported)
+
+[etch] rails <unsupported> (Unusable, should be removed)