[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new ruby issue

Moritz Muehlenhoff Sat, 31 Mar 2018 09:00:51 -0700

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f9845649 by Moritz Muehlenhoff at 2018-03-31T17:59:57+02:00
new ruby issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -901,8 +901,13 @@ CVE-2018-8782
        RESERVED
 CVE-2018-8781
        RESERVED
-CVE-2018-8780
+CVE-2018-8780 [ruby: Unintentional directory traversal by poisoned NUL byte in 
Dir]
        RESERVED
+       - ruby2.5 <unfixed>
+       - ruby2.3 <unfixed>
+       - ruby2.1 <removed>
+       - ruby1.9.1 <removed>
+       NOTE: 
https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/
 CVE-2018-8779 [ruby: Unintentional socket creation by poisoned NUL byte in 
UNIXServer and UNIXSocket]
        RESERVED
        - ruby2.5 <unfixed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f984564932b03a3494fba70fa91bd9dff1a79c8b

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f984564932b03a3494fba70fa91bd9dff1a79c8b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new ruby issue

Reply via email to