[Secure-testing-commits] r30462 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 30 16:39:54 UTC 2014
Author: carnil
Date: 2014-11-30 16:39:54 +0000 (Sun, 30 Nov 2014)
New Revision: 30462
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2014-8090/ruby2.1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-30 15:38:43 UTC (rev 30461)
+++ data/CVE/list 2014-11-30 16:39:54 UTC (rev 30462)
@@ -2994,7 +2994,7 @@
- ruby1.8 <not-affected> (Incomplete fix never relesed for 1.9)
- ruby1.9.1 <not-affected> (Incomplete fix never relesed for 1.9)
- ruby2.0 <not-affected> (Incomplete fix never relesed for 1.9)
- - ruby2.1 <unfixed> (bug #770932)
+ - ruby2.1 2.1.5-1 (bug #770932)
NOTE: For the incomplete fix for CVE-2014-8080
NOTE: https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/
CVE-2014-8087
More information about the Secure-testing-commits
mailing list