[Secure-testing-commits] r35782 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 30 04:37:20 UTC 2015
Author: carnil
Date: 2015-07-30 04:37:20 +0000 (Thu, 30 Jul 2015)
New Revision: 35782
Modified:
data/CVE/list
Log:
Add fixed version for ruby2.1, CVE-2015-3900, #790119
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-30 04:36:25 UTC (rev 35781)
+++ data/CVE/list 2015-07-30 04:37:20 UTC (rev 35782)
@@ -4448,7 +4448,7 @@
- libgems-ruby <not-affected> (Affects versions between 2.0 and 2.4.6)
- ruby1.8 <not-affected> (Vulnerable code not present)
- ruby1.9.1 <not-affected> (Bundles 1.8.23, vulnerable code introduced in later 1.9.1 versions)
- - ruby2.1 <unfixed> (bug #790119)
+ - ruby2.1 2.1.5-4 (bug #790119)
[jessie] - ruby2.1 <no-dsa> (Minor issue, can be coupled with a future Ruby DSA)
- ruby2.2 2.2.2-3 (bug #790111)
- jruby 1.7.20.1-2
More information about the Secure-testing-commits
mailing list