Merge pull request #250 from skorth/add_spina_ruby_gem

Add Spina Ruby Gem

Author: reedloden

gems/spina/CVE-2015-4619.yml

@@ -0,0 +1,16 @@
+---
+gem: spina
+cve: 2015-4619
+title: Cross-site request forgery (CSRF) vulnerability in Spina gem
+date: 2015-06-16
+url: http://www.openwall.com/lists/oss-security/2015/06/16/11
+
+description: >-
+  `Spina::ApplicationController` actions didn't have CSRF
+  protection. This causes a CSRF vulnerability across the
+  entire engine which includes administrative functionality
+  such as creating users, changing passwords,
+  and media management.
+
+patched_versions:
+  - ">= 0.6.29"