[Secure-testing-commits] r38378 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2015-12-17 05:24:03 +0000 (Thu, 17 Dec 2015)
New Revision: 38378

Modified:
   data/CVE/list
Log:
Add ruby1,91,1, ruby2.0 and ruby2.1 source package names for CVE-2015-7551

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-16 23:18:52 UTC (rev 38377)
+++ data/CVE/list	2015-12-17 05:24:03 UTC (rev 38378)
@@ -4374,6 +4374,11 @@
 	RESERVED
 CVE-2015-7551
 	RESERVED
+	- ruby1.9.1 <removed>
+	[wheezy] - ruby1.9.1 <no-dsa> (Minor issue)
+	- ruby2.0 <removed>
+	- ruby2.1 <unfixed> (bug #796344)
+	[jessie] - ruby2.1 <no-dsa> (Minor issue)
 	- ruby2.2 <unfixed> (bug #796551)
 	NOTE: https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/
 	TODO: check correctness for CVE-2009-5147/CVE-2015-7551 record since affects multiple ruby versions