Source: mruby Version: 1.4.1+20180622+git640fca32-1 Hi,
This bug was fixed in 1.4.1+20180622+git640fca32-1. Best regards, Nobuhiro 2018-06-16 18:09 GMT+09:00 Salvatore Bonaccorso <[email protected]>: > Source: mruby > Version: 1.4.1-2 > Severity: important > Tags: security upstream > Forwarded: https://github.com/mruby/mruby/issues/4037 > > Hi, > > The following vulnerability was published for mruby. > > CVE-2018-12249[0]: > | An issue was discovered in mruby 1.4.1. There is a NULL pointer > | dereference in mrb_class_real because "class BasicObject" is not > | properly supported in class.c. > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2018-12249 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12249 > [1] https://github.com/mruby/mruby/issues/4037 > [2] > https://github.com/mruby/mruby/commit/faa4eaf6803bd11669bc324b4c34e7162286bfa3 > > Please adjust the affected versions in the BTS as needed. > > Regards, > Salvatore -- Nobuhiro Iwamatsu iwamatsu at {nigauri.org / debian.org} GPG ID: 40AD1FA6
