Author: carnil Date: 2017-11-14 15:42:24 +0000 (Tue, 14 Nov 2017) New Revision: 57622
Modified: data/CVE/list Log: ruby2.3 issues fixed in unstable Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-14 15:38:26 UTC (rev 57621) +++ data/CVE/list 2017-11-14 15:42:24 UTC (rev 57622) @@ -7773,7 +7773,7 @@ RESERVED CVE-2017-14033 (The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, ...) {DSA-4031-1 DLA-1114-1} - - ruby2.3 <unfixed> (bug #875928) + - ruby2.3 2.3.5-1 (bug #875928) - ruby2.1 <removed> - ruby1.9.1 <removed> - ruby1.8 <not-affected> (vunlerable code not present) @@ -17260,7 +17260,7 @@ RESERVED CVE-2017-10784 (The Basic authentication code in WEBrick library in Ruby before 2.2.8, ...) {DSA-4031-1 DLA-1114-1 DLA-1113-1} - - ruby2.3 <unfixed> (bug #875931) + - ruby2.3 2.3.5-1 (bug #875931) - ruby2.1 <removed> - ruby1.9.1 <removed> - ruby1.8 <removed> @@ -45993,7 +45993,7 @@ NOT-FOR-US: private_address_check ruby gem CVE-2017-0903 (RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a ...) {DSA-4031-1} - - ruby2.3 <unfixed> (bug #879231) + - ruby2.3 2.3.5-1 (bug #879231) - ruby2.1 <removed> - ruby1.9.1 <removed> [wheezy] - ruby1.9.1 <not-affected> (Vulnerable code introduced later) @@ -46047,7 +46047,7 @@ NOTE: Not considered a vulnerability per se, if this affects a terminal emulator it's a bug there CVE-2017-0898 (Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious ...) {DSA-4031-1 DLA-1114-1 DLA-1113-1} - - ruby2.3 <unfixed> (bug #875936) + - ruby2.3 2.3.5-1 (bug #875936) - ruby2.1 <removed> - ruby1.9.1 <removed> - ruby1.8 <removed> _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits