[Secure-testing-commits] r30055 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Nov 14 07:17:10 UTC 2014


Author: carnil
Date: 2014-11-14 07:17:10 +0000 (Fri, 14 Nov 2014)
New Revision: 30055

Modified:
   data/CVE/list
Log:
Add CVE-2014-8090/ruby

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-14 07:14:34 UTC (rev 30054)
+++ data/CVE/list	2014-11-14 07:17:10 UTC (rev 30055)
@@ -1282,8 +1282,15 @@
 	RESERVED
 CVE-2014-8091
 	RESERVED
-CVE-2014-8090
+CVE-2014-8090 [Incomplete fix for CVE-2014-8080]
 	RESERVED
+	- ruby1.8 <removed>
+	- ruby1.9.1 <removed>
+	- ruby2.0 <removed>
+	- ruby2.1 <unfixed>
+	NOTE: As it is for the incomplete fix for CVE-2014-8090 might only apply to ruby2.1
+	NOTE: which already had an update.
+	TODO: check, see CVE-2014-8080
 CVE-2014-8087
 	RESERVED
 CVE-2014-8085




More information about the Secure-testing-commits mailing list