[Secure-testing-commits] r14448 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Sun Apr 11 11:20:58 UTC 2010
Author: derevko-guest
Date: 2010-04-11 11:20:56 +0000 (Sun, 11 Apr 2010)
New Revision: 14448
Modified:
data/CVE/list
Log:
ruby1.9 removed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-04-11 09:14:48 UTC (rev 14447)
+++ data/CVE/list 2010-04-11 11:20:56 UTC (rev 14448)
@@ -3762,7 +3762,7 @@
NOT-FOR-US: Orion httpd
CVE-2009-4492 (WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through ...)
- ruby1.8 1.8.7.249-1 (unimportant; bug #564598)
- - ruby1.9 <unfixed> (unimportant; bug #564647)
+ - ruby1.9 <removed> (unimportant; bug #564647)
- ruby1.9.1 1.9.1.378-1 (unimportant; bug #564646)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
NOTE: same as CVE-2009-4487
@@ -4978,7 +4978,7 @@
RESERVED
CVE-2009-4124 (Heap-based buffer overflow in the rb_str_justify function in string.c ...)
- ruby1.9.1 1.9.1.376-1
- - ruby1.9 <unfixed> (bug #572817)
+ - ruby1.9 <removed> (bug #572817)
- ruby1.8 <not-affected>
NOTE: http://www.ruby-lang.org/en/news/2009/12/07/heap-overflow-in-string/
CVE-2009-4123
@@ -11997,7 +11997,7 @@
CVE-2009-1904 (The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 ...)
{DSA-1860-1}
- ruby1.8 1.8.7.173-1 (low; bug #532689)
- - ruby1.9 <unfixed> (bug #575778)
+ - ruby1.9 <removed> (bug #575778)
NOTE: http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/
CVE-2009-1903 (The PDF XSS protection feature in ModSecurity before 2.5.8 allows ...)
- libapache-mod-security 2.5.9-1
More information about the Secure-testing-commits
mailing list