[Secure-testing-commits] r8270 - data/CVE

[thijs at alioth.debian.org]

Author: thijs
Date: 2008-03-05 14:19:05 +0000 (Wed, 05 Mar 2008)
New Revision: 8270

Modified:
   data/CVE/list
Log:
ruby non-issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-03-05 14:13:34 UTC (rev 8269)
+++ data/CVE/list	2008-03-05 14:19:05 UTC (rev 8270)
@@ -1,3 +1,7 @@
+CVE-2008-XXXX [File access vulnerability of WEBrick]
+	- ruby1.8 <not-affected> (bug #469475, Windows/Apple only)
+	- ruby1.9 <not-affected> (bug #469482, Windows/Apple only)
+	NOTE: http://www.ruby-lang.org/en/news/2008/03/03/webrick-file-access-vulnerability/
 CVE-2008-XXXX [file disclosure in dovecot]
 	- dovecot <unfixed> (medium; bug #469457)
 CVE-2008-1132 (Untrusted search path vulnerability in src/mainwindow.c in Net ...)