Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
59c09313 by Salvatore Bonaccorso at 2018-05-01T05:49:51+02:00
ruby2.3 removed from unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4304,7 +4304,7 @@ CVE-2018-8781 (The udl_fb_mmap function in
drivers/gpu/drm/udl/udl_fb.c at the L
CVE-2018-8780 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4,
2.5.x ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -4315,7 +4315,7 @@ CVE-2018-8780 (In Ruby before 2.2.10, 2.3.x before 2.3.7,
2.4.x before 2.4.4, 2.
CVE-2018-8779 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4,
2.5.x ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -4327,7 +4327,7 @@ CVE-2018-8779 (In Ruby before 2.2.10, 2.3.x before 2.3.7,
2.4.x before 2.4.4, 2.
CVE-2018-8778 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4,
2.5.x ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -4338,7 +4338,7 @@ CVE-2018-8778 (In Ruby before 2.2.10, 2.3.x before 2.3.7,
2.4.x before 2.4.4, 2.
CVE-2018-8777 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4,
2.5.x ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -8374,7 +8374,7 @@ CVE-2018-1000080 (Ajenti version version 2 contains a
Insecure Permissions vulne
- ajenti <itp> (bug #792019)
CVE-2018-1000079 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby
2.3 series: ...)
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue, too intrusive to backport)
@@ -8389,7 +8389,7 @@ CVE-2018-1000079 (RubyGems version Ruby 2.2 series: 2.2.9
and earlier, Ruby 2.3
CVE-2018-1000078 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby
2.3 series: ...)
{DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- rubygems <removed>
@@ -8399,7 +8399,7 @@ CVE-2018-1000078 (RubyGems version Ruby 2.2 series: 2.2.9
and earlier, Ruby 2.3
CVE-2018-1000077 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby
2.3 series: ...)
{DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- rubygems <removed>
@@ -8409,7 +8409,7 @@ CVE-2018-1000077 (RubyGems version Ruby 2.2 series: 2.2.9
and earlier, Ruby 2.3
CVE-2018-1000076 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby
2.3 series: ...)
{DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- rubygems <removed>
@@ -8419,7 +8419,7 @@ CVE-2018-1000076 (RubyGems version Ruby 2.2 series: 2.2.9
and earlier, Ruby 2.3
CVE-2018-1000075 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby
2.3 series: ...)
{DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- rubygems <removed>
@@ -8429,7 +8429,7 @@ CVE-2018-1000075 (RubyGems version Ruby 2.2 series: 2.2.9
and earlier, Ruby 2.3
CVE-2018-1000074 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby
2.3 series: ...)
{DLA-1352-1}
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue, too intrusive to backport)
@@ -8440,7 +8440,7 @@ CVE-2018-1000074 (RubyGems version Ruby 2.2 series: 2.2.9
and earlier, Ruby 2.3
NOTE:
https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
CVE-2018-1000073 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby
2.3 series: ...)
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
[wheezy] - ruby1.9.1 <not-affected> (Vulnerable code not present)
@@ -9477,7 +9477,7 @@ CVE-2018-6915
CVE-2018-6914 (Directory traversal vulnerability in the Dir.mktmpdir method in
the ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -19168,7 +19168,7 @@ CVE-2017-17791
CVE-2017-17790 (The lazy_initialize function in lib/resolv.rb in Ruby through
2.4.3 ...)
{DLA-1222-1 DLA-1221-1}
- ruby2.5 2.5.0-1 (bug #884878)
- - ruby2.3 <unfixed> (bug #884879)
+ - ruby2.3 <removed> (bug #884879)
[stretch] - ruby2.3 <postponed> (Minor issue, can be fixed along in
future DSA)
- ruby2.1 <removed>
[jessie] - ruby2.1 <postponed> (Minor issue, can be fixed along in
future DSA)
@@ -19325,7 +19325,7 @@ CVE-2017-17743 (Improper input sanitization within the
restricted administration
CVE-2017-17742 (Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4,
2.5.x ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/59c09313be34016c9db8fd5299fdf18e7c042059
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/59c09313be34016c9db8fd5299fdf18e7c042059
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
