Author: carnil
Date: 2017-11-14 15:42:24 +0000 (Tue, 14 Nov 2017)
New Revision: 57622
Modified:
data/CVE/list
Log:
ruby2.3 issues fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-14 15:38:26 UTC (rev 57621)
+++ data/CVE/list 2017-11-14 15:42:24 UTC (rev 57622)
@@ -7773,7 +7773,7 @@
RESERVED
CVE-2017-14033 (The decode method in the OpenSSL::ASN1 module in Ruby before
2.2.8, ...)
{DSA-4031-1 DLA-1114-1}
- - ruby2.3 <unfixed> (bug #875928)
+ - ruby2.3 2.3.5-1 (bug #875928)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <not-affected> (vunlerable code not present)
@@ -17260,7 +17260,7 @@
RESERVED
CVE-2017-10784 (The Basic authentication code in WEBrick library in Ruby
before 2.2.8, ...)
{DSA-4031-1 DLA-1114-1 DLA-1113-1}
- - ruby2.3 <unfixed> (bug #875931)
+ - ruby2.3 2.3.5-1 (bug #875931)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -45993,7 +45993,7 @@
NOT-FOR-US: private_address_check ruby gem
CVE-2017-0903 (RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a
...)
{DSA-4031-1}
- - ruby2.3 <unfixed> (bug #879231)
+ - ruby2.3 2.3.5-1 (bug #879231)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
[wheezy] - ruby1.9.1 <not-affected> (Vulnerable code introduced later)
@@ -46047,7 +46047,7 @@
NOTE: Not considered a vulnerability per se, if this affects a terminal
emulator it's a bug there
CVE-2017-0898 (Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a
malicious ...)
{DSA-4031-1 DLA-1114-1 DLA-1113-1}
- - ruby2.3 <unfixed> (bug #875936)
+ - ruby2.3 2.3.5-1 (bug #875936)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
