Narrower version checks for < 3.0.0

lib/brakeman/checks/check_select_vulnerability.rb

@@ -15,7 +15,7 @@ class Brakeman::CheckSelectVulnerability < Brakeman::BaseCheck
       suggested_version = "3.1.4"
     elsif version_between? "3.2.0", "3.2.1"
       suggested_version = "3.2.2"
-    elsif version_between? "2.0.0", "3.0.0"
+    elsif version_between? "2.0.0", "2.3.14"
       suggested_version = "3 or use options_for_select"
     else
       return

lib/brakeman/checks/check_sql.rb

@@ -90,7 +90,7 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
   end
 
   def check_rails_version_for_cve_2012_2660
-    if version_between?("2.0.0", "3.0.0") || version_between?("3.0.0", "3.0.12") || version_between?("3.1.0", "3.1.4") || version_between?("3.2.0", "3.2.3")
+    if version_between?("2.0.0", "2.3.14") || version_between?("3.0.0", "3.0.12") || version_between?("3.1.0", "3.1.4") || version_between?("3.2.0", "3.2.3")
       warn :warning_type => 'SQL Injection',
         :message => 'All versions of Rails before 3.0.13, 3.1.5, and 3.2.5 contain a SQL Query Generation Vulnerability: CVE-2012-2660; Upgrade to 3.2.5, 3.1.5, 3.0.13',
         :confidence => CONFIDENCE[:high],
@@ -110,7 +110,7 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
   end
 
   def check_rails_version_for_cve_2012_2695
-    if version_between?("2.0.0", "3.0.0") || version_between?("3.0.0", "3.0.13") || version_between?("3.1.0", "3.1.5") || version_between?("3.2.0", "3.2.5")
+    if version_between?("2.0.0", "2.3.14") || version_between?("3.0.0", "3.0.13") || version_between?("3.1.0", "3.1.5") || version_between?("3.2.0", "3.2.5")
       warn :warning_type => 'SQL Injection',
         :message => 'All versions of Rails before 3.0.14, 3.1.6, and 3.2.6 contain SQL Injection Vulnerabilities: CVE-2012-2694 and CVE-2012-2695; Upgrade to 3.2.6, 3.1.6, 3.0.14',
         :confidence => CONFIDENCE[:high],