[Secure-testing-commits] r35755 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jul 28 14:50:58 UTC 2015


Author: carnil
Date: 2015-07-28 14:50:58 +0000 (Tue, 28 Jul 2015)
New Revision: 35755

Modified:
   data/CVE/list
Log:
Add CVE-2009-5147, left TODO

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-28 12:42:40 UTC (rev 35754)
+++ data/CVE/list	2015-07-28 14:50:58 UTC (rev 35755)
@@ -9167,6 +9167,14 @@
 	NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=07b5896a1389c3e865cbd2fb353806b2cefe4f5c
 	NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5fc2fede9c7c963c950d8b96dcc0f7af88b4d695
 	NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd, the embedded copy was fixed upstream in 5.6.5
+CVE-2009-5147
+	- ruby1.8 <removed>
+	- ruby1.9.1 <removed>
+	- ruby2.0 <removed>
+	- ruby2.1 <unfixed>
+	- ruby2.2 <unfixed>
+	NOTE: https://github.com/ruby/ruby/commit/4600cf725a86ce31266153647ae5aa1197b1215b
+	TODO: check
 CVE-2009-5146 [memory leak in hostname TLS extension]
 	RESERVED
 	- openssl 0.9.8k-1




More information about the Secure-testing-commits mailing list