Author: jmm
Date: 2017-08-12 20:22:23 +0000 (Sat, 12 Aug 2017)
New Revision: 54700

Modified:
   data/CVE/list
Log:
mark bundler as ignored


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-12 20:17:42 UTC (rev 54699)
+++ data/CVE/list       2017-08-12 20:22:23 UTC (rev 54700)
@@ -41104,8 +41104,8 @@
        NOT-FOR-US: AlienVault OSSIM
 CVE-2016-7954 (Bundler 1.x might allow remote attackers to inject arbitrary 
Ruby code ...)
        - bundler <unfixed> (bug #842504)
-       [stretch] - bundler <no-dsa> (Minor issue, too intrusive to backport)
-       [jessie] - bundler <no-dsa> (Minor issue, too intrusive to backport)
+       [stretch] - bundler <ignored> (Minor issue, too intrusive to backport)
+       [jessie] - bundler <ignored> (Minor issue, too intrusive to backport)
        [wheezy] - bundler <no-dsa> (Minor issue, too intrusive to backport)
        NOTE: http://www.openwall.com/lists/oss-security/2016/10/04/5
        NOTE: There is no plan (yet) from upstream to address this for bundler 
1.x


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to