[Secure-testing-commits] r30202 - data/CVE

Holger Levsen holger at moszumanska.debian.org
Fri Nov 21 00:19:27 UTC 2014


Author: holger
Date: 2014-11-21 00:19:26 +0000 (Fri, 21 Nov 2014)
New Revision: 30202

Modified:
   data/CVE/list
Log:
mark CVE-2014-4975 as not affecting squeeze, the code is not present in 1.8.7

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-20 23:26:43 UTC (rev 30201)
+++ data/CVE/list	2014-11-21 00:19:26 UTC (rev 30202)
@@ -9989,7 +9989,7 @@
 CVE-2014-4975 (Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and ...)
 	- ruby1.8 <removed> (low)
 	[wheezy] - ruby1.8 <no-dsa> (Minor issue)
-	[squeeze] - ruby1.8 <no-dsa> (Minor issue)
+	[squeeze] - ruby1.8 <not-affected> (Vulnerable code not present in 1.8.7)
 	- ruby1.9.1 <removed> (low)
 	[wheezy] - ruby1.9.1 <no-dsa> (Minor issue)
 	- ruby2.0 <removed> (low)




More information about the Secure-testing-commits mailing list