[Git][security-tracker-team/security-tracker][master] Remove reference to commit

Salvatore Bonaccorso Tue, 17 Jul 2018 11:45:56 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5aeaae0f by Salvatore Bonaccorso at 2018-07-17T20:43:33+02:00
Remove reference to commit

This commit was not for CVE-2018-1000544. It was to fix another issue,
upstream issue #315, but not the CVE-2018-1000544.

The full upstream fix for CVE-2018-1000544 has furthermore not yet been
validated, cf. https://github.com/rubyzip/rubyzip/pull/371 .

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3798,7 +3798,6 @@ CVE-2018-1000545
 CVE-2018-1000544 (rubyzip gem rubyzip version 1.2.1 and earlier contains a 
Directory ...)
        - ruby-zip <unfixed> (bug #902720)
        NOTE: https://github.com/rubyzip/rubyzip/issues/369
-       NOTE: 
https://github.com/rubyzip/rubyzip/commit/ce4208fdecc2ad079b05d3c49d70fe6ed1d07016
 CVE-2018-1000543 (Akiee version 0.0.3 contains a XSS leading to code execution 
due to ...)
        NOT-FOR-US: Akiee
 CVE-2018-1000542 (netbeans-mmd-plugin version &lt;= 1.4.3 contains a XML 
External Entity ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5aeaae0fac4cb04751675da1737bc7164dbbaa05

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5aeaae0fac4cb04751675da1737bc7164dbbaa05
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Remove reference to commit

Reply via email to