[Secure-testing-commits] r9635 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Sun Aug 24 11:10:40 UTC 2008
Author: white
Date: 2008-08-24 11:10:39 +0000 (Sun, 24 Aug 2008)
New Revision: 9635
Modified:
data/CVE/list
Log:
ruby issue affects debian, bugreport already written
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-08-24 10:31:13 UTC (rev 9634)
+++ data/CVE/list 2008-08-24 11:10:39 UTC (rev 9635)
@@ -660,7 +660,8 @@
- iceweasel <unfixed> (unimportant)
NOTE: browser dos not treated as security issues
CVE-2008-3443 (The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, ...)
- TODO: check
+ - ruby1.8 <unfixed> (bug #494401)
+ - ruby1.9 <unfixed> (bug #494401)
CVE-2008-3442 (WinZip before 11.0 does not properly verify the authenticity of ...)
NOT-FOR-US: WinZip
CVE-2008-3441 (Nullsoft Winamp before 5.24 does not properly verify the authenticity ...)
More information about the Secure-testing-commits
mailing list