hardBox
diff --git a/‎_config.yml
Lines changed: 1 addition & 1 deletion b/‎_config.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎source/_posts/2007-11-27-cve-2007-6183-ruby-gnome2-gtk-src-rbgtkmessagedialog-c-gtk-messagedialog-new-function-format-string.markdown renamed to ‎source/_posts/2007-11-27-CVE-2007-6183.markdown b/‎source/_posts/2007-11-27-cve-2007-6183-ruby-gnome2-gtk-src-rbgtkmessagedialog-c-gtk-messagedialog-new-function-format-string.markdown renamed to ‎source/_posts/2007-11-27-CVE-2007-6183.markdown
diff --git a/‎source/_posts/2009-12-01-cve-2013-0263-rack-rack-session-cookie-function-timing-attack-remote-code-execution-.markdown renamed to ‎source/_posts/2009-12-01-CVE-2013-0263.markdown b/‎source/_posts/2009-12-01-cve-2013-0263-rack-rack-session-cookie-function-timing-attack-remote-code-execution-.markdown renamed to ‎source/_posts/2009-12-01-CVE-2013-0263.markdown
diff --git a/‎source/_posts/2011-01-25-cve-2011-0739-mail-gem-for-ruby-lib-mail-network-delivery_methods-sendmail-rb-email-from-address-arbitrary-shell-command-injection-.markdown renamed to ‎source/_posts/2011-01-25-CVE-2011-0739.markdown b/‎source/_posts/2011-01-25-cve-2011-0739-mail-gem-for-ruby-lib-mail-network-delivery_methods-sendmail-rb-email-from-address-arbitrary-shell-command-injection-.markdown renamed to ‎source/_posts/2011-01-25-CVE-2011-0739.markdown
diff --git a/‎source/_posts/2012-01-01-cve-2012-6134-ruby-on-rails-omniauth-oauth2-gem-csrf-v 8000 ulnerability.markdown renamed to ‎source/_posts/2012-01-01-CVE-2012-6134.markdown b/‎source/_posts/2012-01-01-cve-2012-6134-ruby-on-rails-omniauth-oauth2-gem-csrf-v 8000 ulnerability.markdown renamed to ‎source/_posts/2012-01-01-CVE-2012-6134.markdown
diff --git a/‎source/_posts/2012-03-01-cve-2012-1098-ruby-on-rails-safebuffer-object-direct-manipulation-xss.markdown renamed to ‎source/_posts/2012-03-01-CVE-2012-1098.markdown b/‎source/_posts/2012-03-01-cve-2012-1098-ruby-on-rails-safebuffer-object-direct-manipulation-xss.markdown renamed to ‎source/_posts/2012-03-01-CVE-2012-1098.markdown
diff --git a/‎source/_posts/2012-03-01-cve-2012-1099-ruby-on-rails-actionpack-lib-action_view-helpers-form_options_helper-rb-manually-generated-select-tag-options-xss.markdown renamed to ‎source/_posts/2012-03-01-CVE-2012-1099.markdown b/‎source/_posts/2012-03-01-cve-2012-1099-ruby-on-rails-actionpack-lib-action_view-helpers-form_options_helper-rb-manually-generated-select-tag-options-xss.markdown renamed to ‎source/_posts/2012-03-01-CVE-2012-1099.markdown
diff --git a/‎source/_posts/2012-03-14-cve-2012-2139-mail-gem-for-ruby-file-delivery-method-to-parameter-traversal-arbitrary-file-manipulation.markdown renamed to ‎source/_posts/2012-03-14-CVE-2012-2139.markdown b/‎source/_posts/2012-03-14-cve-2012-2139-mail-gem-for-ruby-file-delivery-method-to-parameter-traversal-arbitrary-file-manipulation.markdown renamed to ‎source/_posts/2012-03-14-CVE-2012-2139.markdown
diff --git a/‎source/_posts/2012-03-14-cve-2012-2140-mail-gem-for-ruby-multiple-delivery-method-remote-shell-command-execution.markdown renamed to ‎source/_posts/2012-03-14-CVE-2012-2140.markdown b/‎source/_posts/2012-03-14-cve-2012-2140-mail-gem-for-ruby-multiple-delivery-method-remote-shell-command-execution.markdown renamed to ‎source/_posts/2012-03-14-CVE-2012-2140.markdown
diff --git a/‎source/_posts/2012-05-31-cve-2012-2660-ruby-on-rails-activerecord-class-rack-query-parameter-parsing-sql-query-arbitrary-is-null-clause-injection.markdown renamed to ‎source/_posts/2012-05-31-CVE-2012-2660.markdown b/‎source/_posts/2012-05-31-cve-2012-2660-ruby-on-rails-activerecord-class-rack-query-parameter-parsing-sql-query-arbitrary-is-null-clause-injection.markdown renamed to ‎source/_posts/2012-05-31-CVE-2012-2660.markdown
diff --git a/‎source/_posts/2012-05-31-cve-2012-2661-ruby-on-rails-where-method-activerecord-class-sql-injection.markdown renamed to ‎source/_posts/2012-05-31-CVE-2012-2661.markdown b/‎source/_posts/2012-05-31-cve-2012-2661-ruby-on-rails-where-method-activerecord-class-sql-injection.markdown renamed to ‎source/_posts/2012-05-31-CVE-2012-2661.markdown
diff --git a/‎source/_posts/2012-06-06-cve-2012-267-rack-cache-rubygem-sensitive-http-header-caching-weakness.markdown renamed to ‎source/_posts/2012-06-06-CVE-2012-267.markdown b/‎source/_posts/2012-06-06-cve-2012-267-rack-cache-rubygem-sensitive-http-header-caching-weakness.markdown renamed to ‎source/_posts/2012-06-06-CVE-2012-267.markdown
diff --git a/‎source/_posts/2012-07-26-cve-2012-3424-ruby-on-rails-actionpack-lib-action_controller-metal-http_authentication-rb-with_http_digest-helper-method-remote-dos.markdown renamed to ‎source/_posts/2012-07-26-CVE-2012-3424.markdown b/‎source/_posts/2012-07-26-cve-2012-3424-ruby-on-rails-actionpack-lib-action_controller-metal-http_authentication-rb-with_http_digest-helper-method-remote-dos.markdown renamed to ‎source/_posts/2012-07-26-CVE-2012-3424.markdown
diff --git a/‎source/_posts/2012-08-09-cve-2012-3463-ruby-on-rails-select_tag-helper-method-prompt-value-xss.markdown renamed to ‎source/_posts/2012-08-09-CVE-2012-3463.markdown b/‎source/_posts/2012-08-09-cve-2012-3463-ruby-on-rails-select_tag-helper-method-prompt-value-xss.markdown renamed to ‎source/_posts/2012-08-09-CVE-2012-3463.markdown
diff --git a/‎source/_posts/2012-08-09-cve-2012-3464-ruby-on-rails-html-escaping-code-xss.markdown renamed to ‎source/_posts/2012-08-09-CVE-2012-3464.markdown b/‎source/_posts/2012-08-09-cve-2012-3464-ruby-on-rails-html-escaping-code-xss.markdown renamed to ‎source/_posts/2012-08-09-CVE-2012-3464.markdown
diff --git a/‎source/_posts/2012-08-09-cve-2012-3465-ruby-on-rails-strip_tags-helper-method-xss.markdown renamed to ‎source/_posts/2012-08-09-CVE-2012-3465.markdown b/‎source/_posts/2012-08-09-cve-2012-3465-ruby-on-rails-strip_tags-helper-method-xss.markdown renamed to ‎source/_posts/2012-08-09-CVE-2012-3465.markdown
diff --git a/‎source/_posts/2013-01-01-cve-2013-0284-ruby-on-rails-newrelic_rpm-gem-discloses-sensitive-information.markdown renamed to ‎source/_posts/2013-01-01-CVE-2013-0284.markdown b/‎source/_posts/2013-01-01-cve-2013-0284-ruby-on-rails-newrelic_rpm-gem-discloses-sensitive-information.markdown renamed to ‎source/_posts/2013-01-01-CVE-2013-0284.markdown
diff --git a/‎source/_posts/2013-01-01-cve-2013-0285-ruby-gem-nori-parameter-parsing-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-01-CVE-2013-0285.markdown b/‎source/_posts/2013-01-01-cve-2013-0285-ruby-gem-nori-parameter-parsing-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-01-CVE-2013-0285.markdown
diff --git a/‎source/_posts/2013-01-01-cve-2013-1756-dragonfly-gem-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-01-CVE-2013-1756.markdown b/‎source/_posts/2013-01-01-cve-2013-1756-dragonfly-gem-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-01-CVE-2013-1756.markdown
diff --git a/‎source/_posts/2013-01-08-cve-2013-0155-ruby-on-rails-active-record-json-parameter-parsing-query-bypass.markdown renamed to ‎source/_posts/2013-01-08-CVE-2013-0155.markdown b/‎source/_posts/2013-01-08-cve-2013-0155-ruby-on-rails-active-record-json-parameter-parsing-query-bypass.markdown renamed to ‎source/_posts/2013-01-08-CVE-2013-0155.markdown
diff --git a/‎source/_posts/2013-01-08-cve-2013-0156-ruby-on-rails-params_parser-rb-action-pack-type-casting-parameter-parsing-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-08-CVE-2013-0156.markdown b/‎source/_posts/2013-01-08-cve-2013-0156-ruby-on-rails-params_parser-rb-action-pack-type-casting-parameter-parsing-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-08-CVE-2013-0156.markdown
diff --git a/‎source/_posts/2013-01-08-cve-2013-1802-extlib-gem-for-ruby-type-casting-parameter-parsing-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-08-CVE-2013-1802.markdown b/‎source/_posts/2013-01-08-cve-2013-1802-extlib-gem-for-ruby-type-casting-parameter-parsing-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-08-CVE-2013-1802.markdown
diff --git a/‎source/_posts/2013-01-09-cve-2013-1800-crack-gem-for-ruby-type-casting-parameter-parsing-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-09-CVE-2013-1800.markdown b/‎source/_posts/2013-01-09-cve-2013-1800-crack-gem-for-ruby-type-casting-parameter-parsing-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-09-CVE-2013-1800.markdown
diff --git a/‎source/_posts/2013-01-11-cve-2013-0175-multi_xml-gem-for-ruby-xml-parameter-parsing-remote-command-execution.markdown renamed to ‎source/_posts/2013-01-11-CVE-2013-0175.markdown b/‎source/_posts/2013-01-11-cve-2013-0175-multi_xml-gem-for-ruby-xml-parameter-parsing-remote-command-execution.markdown renamed to ‎source/_posts/2013-01-11-CVE-2013-0175.markdown
diff --git a/‎source/_posts/2013-01-14-cve-2013-1802-httparty-gem-for-ruby-type-casting-parameter-parsing-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-14-CVE-2013-1802.markdown b/‎source/_posts/2013-01-14-cve-2013-1802-httparty-gem-for-ruby-type-casting-parameter-parsing-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-14-CVE-2013-1802.markdown
diff --git a/‎source/_posts/2013-01-28-cve-2013-0233-devise-database-type-conversion-crafted-request-parsing-security-bypass.markdown renamed to ‎source/_posts/2013-01-28-CVE-2013-0233.markdown b/‎source/_posts/2013-01-28-cve-2013-0233-devise-database-type-conversion-crafted-request-parsing-security-bypass.markdown renamed to ‎source/_posts/2013-01-28-CVE-2013-0233.markdown
diff --git a/‎source/_posts/2013-01-28-cve-2013-0333-ruby-on-rails-json-parser-crafted-payload-yaml-subset-decoding-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-28-CVE-2013-0333.markdown b/‎source/_posts/2013-01-28-cve-2013-0333-ruby-on-rails-json-parser-crafted-payload-yaml-subset-decoding-remote-code-execution.markdown renamed to ‎source/_posts/2013-01-28-CVE-2013-0333.markdown
diff --git a/‎source/_posts/2013-02-06-cve-2013-0256-rdoc-2-3-0-through-3-12-xss-exploit.markdown renamed to ‎source/_posts/2013-02-06-CVE-2013-0256.markdown b/‎source/_posts/2013-02-06-cve-2013-0256-rdoc-2-3-0-through-3-12-xss-exploit.markdown renamed to ‎source/_posts/2013-02-06-CVE-2013-0256.markdown
diff --git a/‎source/_posts/2013-02-11-cve-2013-0269-ruby-on-rails-json-gem-arbitrary-symbol-creation-remote-dos.markdown renamed to ‎source/_posts/2013-02-11-CVE-2013-0269.markdown b/‎source/_posts/2013-02-11-cve-2013-0269-ruby-on-rails-json-gem-arbitrary-symbol-creation-remote-dos.markdown renamed to ‎source/_posts/2013-02-11-CVE-2013-0269.markdown
diff --git a/‎source/_posts/2013-02-11-cve-2013-0276-ruby-on-rails-active-record-attr_protected-method-bypass.markdown renamed to ‎source/_posts/2013-02-11-CVE-2013-0276.markdown b/‎source/_posts/2013-02-11-cve-2013-0276-ruby-on-rails-active-record-attr_protected-method-bypass.markdown renamed to ‎source/_posts/2013-02-11-CVE-2013-0276.markdown
diff --git a/‎source/_posts/2013-02-11-cve-2013-0277-ruby-on-rails-active-record-serialize-helper-yaml-attribute-handling-remote-code-execution.markdown renamed to ‎source/_posts/2013-02-11-CVE-2013-0277.markdown b/‎source/_posts/2013-02-11-cve-2013-0277-ruby-on-rails-active-record-serialize-helper-yaml-attribute-handling-remote-code-execution.markdown renamed to ‎source/_posts/2013-02-11-CVE-2013-0277.markdown
diff --git a/‎source/_posts/2013-02-28-cve-2013-2512-ftpd-gem-for-ruby-shell-character-handling-remote-command-injection.markdown renamed to ‎source/_posts/2013-02-28-CVE-2013-2512.markdown b/‎source/_posts/2013-02-28-cve-2013-2512-ftpd-gem-for-ruby-shell-character-handling-remote-command-injection.markdown renamed to ‎source/_posts/2013-02-28-CVE-2013-2512.markdown
diff --git a/‎source/_posts/2013-03-19-cve-2013-1854-symbol-dos-vulnerability-in-active-record.markdown renamed to ‎source/_posts/2013-03-19-CVE-2013-1854.markdown b/‎source/_posts/2013-03-19-cve-2013-1854-symbol-dos-vulnerability-in-active-record.markdown renamed to ‎source/_posts/2013-03-19-CVE-2013-1854.markdown
diff --git a/‎source/_posts/2013-03-19-cve-2013-1855-xss-vulnerability-in-sanitize_css-in-action-pack.markdown renamed to ‎source/_posts/2013-03-19-CVE-2013-1855.markdown b/‎source/_posts/2013-03-19-cve-2013-1855-xss-vulnerability-in-sanitize_css-in-action-pack.markdown renamed to ‎source/_posts/2013-03-19-CVE-2013-1855.markdown
diff --git a/‎source/_posts/2013-03-19-cve-2013-1856-xml-parsing-vulnerability-affecting-jruby-users.markdown renamed to ‎source/_posts/2013-03-19-CVE-2013-1856.markdown b/‎source/_posts/2013-03-19-cve-2013-1856-xml-parsing-vulnerability-affecting-jruby-users.markdown renamed to ‎source/_posts/2013-03-19-CVE-2013-1856.markdown
diff --git a/‎source/_posts/2013-03-19-cve-2013-1857-xss-vulnerability-in-the-sanitize-helper-of-ruby-on-rails.markdown renamed to ‎source/_posts/2013-03-19-CVE-2013-1857.markdown b/‎source/_posts/2013-03-19-cve-2013-1857-xss-vulnerability-in-the-sanitize-helper-of-ruby-on-rails.markdown renamed to ‎source/_posts/2013-03-19-CVE-2013-1857.markdown
diff --git a/‎tasks/sync_advisories.rake
Lines changed: 1 addition & 1 deletion b/‎tasks/sync_advisories.rake
Lines changed: 1 addition & 1 deletion
@@ -27,7 +27,7 @@ email: rubysec-announce@googlegroups.com
 
 # If publishing to a subdirectory as in http://site.com/project set 'root: /project'
 root: /
-permalink: /advisories/:year/:month/:day/:title/
+permalink: /advisories/:title/
 source: source
 destination: public
 plugins: plugins
 
@@ -14,7 +14,7 @@ task :sync_advisories do
     title = yaml['title'].gsub(/\s+/m, ' ')
 
     title = "#{cve}: #{title}"
-    slug  = title.downcase.gsub(/[^\w]+/, '-')
+    slug  = cve
 
     puts "Processing: #{title}"