Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
18636a65 by Salvatore Bonaccorso at 2020-02-08T07:50:20+01:00
CVE-2016-7954: Remove "yet" from the wording
- - - - -
a036cb5e by Salvatore Bonaccorso at 2020-02-08T07:51:14+01:00
Add fixed version via unstable for CVE-2016-7954/bundler
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -187650,13 +187650,13 @@ CVE-2016-7956
CVE-2016-7955 (The logcheck function in session.inc in AlienVault OSSIM before
5.3.1, ...)
NOT-FOR-US: AlienVault OSSIM
CVE-2016-7954 (Bundler 1.x might allow remote attackers to inject arbitrary
Ruby code ...)
- - bundler <unfixed> (bug #842504)
+ - bundler 2.1.4-1 (bug #842504)
[buster] - bundler <ignored> (Minor issue, too intrusive to backport)
[stretch] - bundler <ignored> (Minor issue, too intrusive to backport)
[jessie] - bundler <ignored> (Minor issue, too intrusive to backport)
[wheezy] - bundler <no-dsa> (Minor issue, too intrusive to backport)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/04/5
- NOTE: There is no plan (yet) from upstream to address this for bundler
1.x
+ NOTE: There is no plan from upstream to address this for bundler 1.x
NOTE: due to lockfile format.
CVE-2016-7953 (Buffer underflow in X.org libXvMC before 1.0.10 allows remote X
server ...)
{DLA-671-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/f92e43c6b386153ab98434e136aa1d2792a00854...a036cb5efa58d1e1003136f831ad2c866769a86b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/f92e43c6b386153ab98434e136aa1d2792a00854...a036cb5efa58d1e1003136f831ad2c866769a86b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
