Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
88ed3e2e by Sylvain Beucler at 2024-07-16T21:06:34+02:00
CVE-2016-2338/ruby2.1: reference missing patch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -541529,7 +541529,8 @@ CVE-2016-2338 (An exploitable heap overflow
vulnerability exists in the Psych::E
- ruby2.3 2.3.0-1
- ruby2.1 <removed>
NOTE: https://talosintelligence.com/reports/TALOS-2016-0032
- NOTE:
https://git.ruby-lang.org/ruby.git/commit/?id=db48c307944a9a18877236bdf9e9b778875f38ed
+ NOTE:
https://git.ruby-lang.org/ruby.git/commit/?id=cc0313436160b735a3d41361cb5e3eeb10fcbdad
(v2_3_0)
+ NOTE:
https://git.ruby-lang.org/ruby.git/commit/?id=db48c307944a9a18877236bdf9e9b778875f38ed
(v2_3_0)
CVE-2016-2337 (Type confusion exists in _cancel_eval Ruby's TclTkIp class
method. Att ...)
{DLA-1480-1}
- ruby2.3 2.3.0-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88ed3e2eefe095172bf01c45d590496d002f206e
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88ed3e2eefe095172bf01c45d590496d002f206e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
