[Secure-testing-commits] r23206 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Tue Aug 6 16:04:37 UTC 2013
Author: carnil
Date: 2013-08-06 16:04:36 +0000 (Tue, 06 Aug 2013)
New Revision: 23206
Modified:
data/CVE/list
Log:
add fixed version for CVE-2013-4073
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-08-06 14:59:34 UTC (rev 23205)
+++ data/CVE/list 2013-08-06 16:04:36 UTC (rev 23206)
@@ -2248,7 +2248,7 @@
CVE-2013-4073 [Hostname check bypassing vulnerability in SSL client]
RESERVED
- ruby1.8 1.8.7.358-7.1 (bug #714541)
- - ruby1.9.1 <unfixed> (bug #714543)
+ - ruby1.9.1 1.9.3.194-8.2 (bug #714543)
NOTE: http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
NOTE: https://github.com/ruby/ruby/commit/2669b84d407ab431e965145c827db66c91158f89 (1.9.3)
NOTE: https://github.com/ruby/ruby/commit/961bf7496ded3acfe847cf56fa90bbdcfd6e614f (1.8.7)
More information about the Secure-testing-commits
mailing list