[Secure-testing-team] Bug#875928: ruby2.3: CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode

2017-09-16 Thread Salvatore Bonaccorso
Source: ruby2.3 Version: 2.3.3-1 Severity: important Tags: security upstream Hi, the following vulnerability was published for ruby2.3. CVE-2017-14033[0]: Buffer underrun in OpenSSL ASN1 decode If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities &

[Secure-testing-team] Bug#875936: ruby2.3: CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf

2017-09-16 Thread Salvatore Bonaccorso
Source: ruby2.3 Version: 2.3.3-1 Severity: important Tags: security upstream Hi, the following vulnerability was published for ruby2.3. CVE-2017-0898[0]: | Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a leakage of its | heap by the malicious specification of the format of sprintf

[Secure-testing-team] Bug#875931: ruby2.3: CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick

2017-09-16 Thread Salvatore Bonaccorso
Source: ruby2.3 Version: 2.3.3-1 Severity: important Tags: patch security upstream fixed-upstream Hi, the following vulnerability was published for ruby2.3. CVE-2017-10784[0]: |Escape sequence injection vulnerability in the Basic authentication of |WEBrick If you fix the vulnerability please

[Secure-testing-team] Bug#875947: python-scrapy: CVE-2017-14158

2017-09-16 Thread Salvatore Bonaccorso
Source: python-scrapy Version: 1.4.0-1 Severity: important Tags: security upstream Forwarded: https://github.com/scrapy/scrapy/issues/482 Hi, the following vulnerability was published for python-scrapy. CVE-2017-14158[0]: | Scrapy 1.4 allows remote attackers to cause a denial of service (memory

[Secure-testing-team] Bug#875983: puppet-module-puppetlabs-apache: CVE-2017-2299: Possible TLS trust misconfiguration

2017-09-16 Thread Salvatore Bonaccorso
Source: puppet-module-puppetlabs-apache Version: 1.1.1-1 Severity: important Tags: security upstream patch Hi, the following vulnerability was published for puppet-module-puppetlabs-apache. CVE-2017-2299[0]: | Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 | make it very