[Secure-testing-commits] r16261 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Sun Feb 27 18:37:45 UTC 2011
Author: gilbert-guest
Date: 2011-02-27 18:37:33 +0000 (Sun, 27 Feb 2011)
New Revision: 16261
Modified:
data/CVE/list
Log:
ruby/eglibc issues fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-26 21:33:14 UTC (rev 16260)
+++ data/CVE/list 2011-02-27 18:37:33 UTC (rev 16261)
@@ -1,6 +1,6 @@
CVE-2010-XXXX [eglibc: memory corruption]
- glibc <removed>
- - eglibc <unfixed> (bug #615120)
+ - eglibc 2.11.2-12 (bug #615120)
NOTE: poc does not work on version 2.13 in experimental
CVE-2011-XXXX [python2.6: distutils world-readable password]
- python2.6 <unfixed> (low; bug #615118)
@@ -273,13 +273,13 @@
RESERVED
CVE-2011-1005 [Ruby Exception methods can bypass $SAFE]
RESERVED
- - ruby1.8 <unfixed>
+ - ruby1.8 1.8.7.334-1
- ruby1.9 <removed>
- ruby1.9.1 <unfixed>
TODO: check
CVE-2011-1004 [Ruby FileUtils.remove_entry_secure symlink attack]
RESERVED
- - ruby1.8 <unfixed>
+ - ruby1.8 1.8.7.334-1
- ruby1.9 <removed>
- ruby1.9.1 <unfixed>
TODO: check
More information about the Secure-testing-commits
mailing list