[Secure-testing-commits] r2065 - data/CAN

Moritz Muehlenhoff jmm-guest at costa.debian.org
Wed Sep 21 07:38:27 UTC 2005


Author: jmm-guest
Date: 2005-09-21 07:38:24 +0000 (Wed, 21 Sep 2005)
New Revision: 2065

Modified:
   data/CAN/list
Log:
three new ruby security issues. I don't know anything about Ruby beyond
the fact of it's mere existance, so I can't say how grave these issues
are.


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-21 07:27:30 UTC (rev 2064)
+++ data/CAN/list	2005-09-21 07:38:24 UTC (rev 2065)
@@ -1,3 +1,7 @@
+CAN-2005-XXXX [Incorrect handling of "safe levels" in Ruby]
+	- ruby1.6 1.6.8-13 (unknown)
+	- ruby1.8 1.8.3-1 (unknown)
+	- ruby1.9 1.9.0+20050921-1 (unknown)
 CAN-2005-XXXX [Insecure temp files in bacula]
 	- bacula (bug #329271; low)
 CAN-2005-XXXX [freeradius buffer overflows and SQL injection]
@@ -3185,7 +3189,6 @@
 	NOTE: reserved
 CAN-2004-2154 (CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as ...)
 	- cupsys 1.1.20final+rc1-1 (low)
-	NOTE: CVE assignement requested from mitre
 CAN-2005-2116
 	NOTE: rejected
 	{DSA-745-1}




More information about the Secure-testing-commits mailing list