Adrian Bunk pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
64c8b14a by Adrian Bunk at 2020-08-15T18:49:47+03:00
CVE-2017-17742 is also in JRuby, and not yet fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -160318,12 +160318,14 @@ CVE-2017-17743 (Improper input sanitization within
the restricted administration
NOT-FOR-US: UCOPIA Wireless Appliance
CVE-2017-17742 (Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4,
2.5.x befo ...)
{DSA-4259-1 DLA-2027-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
+ - jruby <unfixed>
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
NOTE:
https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/
+ NOTE: https://github.com/jruby/jruby/releases/tag/9.2.12.0
CVE-2017-17741 (The KVM implementation in the Linux kernel through 4.14.7
allows attac ...)
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64c8b14ab598bc8ea5a9a28a9030ffac09da08ad
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64c8b14ab598bc8ea5a9a28a9030ffac09da08ad
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
