[Secure-testing-commits] r55257 - data/CVE

Salvatore Bonaccorso Wed, 30 Aug 2017 12:22:11 -0700

Author: carnil
Date: 2017-08-30 19:21:45 +0000 (Wed, 30 Aug 2017)
New Revision: 55257


Modified:
   data/CVE/list
Log:
Add new ruby(gems) issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-30 19:21:32 UTC (rev 55256)
+++ data/CVE/list       2017-08-30 19:21:45 UTC (rev 55257)
@@ -36304,14 +36304,46 @@
        RESERVED
 CVE-2017-0903
        RESERVED
-CVE-2017-0902
+CVE-2017-0902 [DNS issue]
        RESERVED
-CVE-2017-0901
+       - ruby2.3 <unfixed>
+       - ruby2.1 <removed>
+       - ruby1.9.1 <removed>
+       - rubygems <removed>
+       NOTE: 
https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
+       NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
+       NOTE: For Ruby 2.3.4: 
https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
+       NOTE: For Ruby 2.2.7: 
https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
+CVE-2017-0901 [overwrite any file]
        RESERVED
-CVE-2017-0900
+       - ruby2.3 <unfixed>
+       - ruby2.1 <removed>
+       - ruby1.9.1 <removed>
+       - rubygems <removed>
+       NOTE: 
https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
+       NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
+       NOTE: For Ruby 2.3.4: 
https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
+       NOTE: For Ruby 2.2.7: 
https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
+CVE-2017-0900 [query command]
        RESERVED
-CVE-2017-0899
+       - ruby2.3 <unfixed>
+       - ruby2.1 <removed>
+       - ruby1.9.1 <removed>
+       - rubygems <removed>
+       NOTE: 
https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
+       NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
+       NOTE: For Ruby 2.3.4: 
https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
+       NOTE: For Ruby 2.2.7: 
https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
+CVE-2017-0899 [ANSI escape issue]
        RESERVED
+       - ruby2.3 <unfixed>
+       - ruby2.1 <removed>
+       - ruby1.9.1 <removed>
+       - rubygems <removed>
+       NOTE: 
https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
+       NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
+       NOTE: For Ruby 2.3.4: 
https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
+       NOTE: For Ruby 2.2.7: 
https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
 CVE-2017-0898
        RESERVED
 CVE-2017-0897 (ExpressionEngine version 2.x &lt; 2.11.8 and version 3.x &lt; 
3.5.5 create ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r55257 - data/CVE

Reply via email to