[Secure-testing-commits] r23725 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Thu Sep 19 04:59:41 UTC 2013
Author: carnil
Date: 2013-09-19 04:59:40 +0000 (Thu, 19 Sep 2013)
New Revision: 23725
Modified:
data/CVE/list
Log:
Add item for CVE-2013-4363/rubygems
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-09-18 21:14:27 UTC (rev 23724)
+++ data/CVE/list 2013-09-19 04:59:40 UTC (rev 23725)
@@ -3071,6 +3071,11 @@
RESERVED
CVE-2013-4363
RESERVED
+ - rubygems <unfixed> (unimportant; bug #722361)
+ [squeeze] - libgems-ruby <removed> (unimportant; bug #722361)
+ NOTE: Non-issue, you trust the site providing the gem with installing arbitrary code, allowing
+ NOTE: it a potential elevated CPU consumption doesn't add any extra harm
+ NOTE: CVE for incomplete fix for CVE-2013-4287
CVE-2013-4362 [Insecure use of system]
RESERVED
- davfs2 <unfixed> (bug #723034)
More information about the Secure-testing-commits
mailing list