Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
89b03f2d by Salvatore Bonaccorso at 2020-09-30T08:42:06+02:00
Add CVE-2020-25613/ruby
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1205,8 +1205,14 @@ CVE-2014-10402 (An issue was discovered in the DBI
module through 1.643 for Perl
[buster] - libdbi-perl <postponed> (Revisit when fixed upstream)
[stretch] - libdbi-perl <postponed> (Revisit when fixed upstream)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=99508#txn-1911590
-CVE-2020-25613
+CVE-2020-25613 [Potential HTTP Request Smuggling Vulnerability in WEBrick]
RESERVED
+ - ruby2.7 <unfixed>
+ - ruby2.5 <removed>
+ - ruby2.3 <removed>
+ - jruby <unfixed>
+ NOTE:
https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/
+ NOTE: Fix in webrick:
https://github.com/ruby/webrick/commit/8946bb38b4d87549f0d99ed73c62c41933f97cc7
CVE-2020-25612
RESERVED
CVE-2020-25611
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89b03f2df72b2db7d2e1d862395c939a8fe04d4b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89b03f2df72b2db7d2e1d862395c939a8fe04d4b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
