[Secure-testing-commits] r56895 - data/CVE

Salvatore Bonaccorso Fri, 20 Oct 2017 12:41:18 -0700

Author: carnil
Date: 2017-10-20 19:40:47 +0000 (Fri, 20 Oct 2017)
New Revision: 56895


Modified:
   data/CVE/list
Log:
Add fixing commit for CVE-2017-0903/ruby2.3

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-20 19:12:03 UTC (rev 56894)
+++ data/CVE/list       2017-10-20 19:40:47 UTC (rev 56895)
@@ -42434,6 +42434,7 @@
        - rubygems <removed>
        NOTE: http://www.openwall.com/lists/oss-security/2017/10/10/2
        NOTE: https://justi.cz/security/2017/10/07/rubygems-org-rce.html
+       NOTE: Fixed by: 
https://github.com/rubygems/rubygems/commit/510b1638ac9bba3ceb7a5d73135dafff9e5bab49
 CVE-2017-0902 (RubyGems version 2.6.12 and earlier is vulnerable to a DNS 
hijacking ...)
        {DSA-3966-1}
        - ruby2.3 2.3.3-1+deb9u1 (bug #873802)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r56895 - data/CVE

Reply via email to