[Secure-testing-commits] r35183 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jun 27 06:18:46 UTC 2015
Author: carnil
Date: 2015-06-27 06:18:46 +0000 (Sat, 27 Jun 2015)
New Revision: 35183
Modified:
data/CVE/list
Log:
Update CVE-2015-3900
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-27 05:56:15 UTC (rev 35182)
+++ data/CVE/list 2015-06-27 06:18:46 UTC (rev 35183)
@@ -2791,10 +2791,15 @@
CVE-2015-3901
RESERVED
CVE-2015-3900 (RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before ...)
- - rubygems <removed>
- - libgems-ruby <removed>
+ - rubygems <not-affected> (Affects versions between 2.0 and 2.4.6)
+ - libgems-ruby <not-affected> (Affects versions between 2.0 and 2.4.6)
+ - ruby1.8 <not-affected> (Vulnerable code not present)
+ - ruby1.9.1 <removed>
+ - ruby2.1 <unfixed>
+ - ruby2.2 <unfixed>
NOTE: https://github.com/rubygems/rubygems/commit/6bbee35
NOTE: https://github.com/rubygems/rubygems/commit/5c7bfb5
+ NOTE: http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html
TODO: check
CVE-2015-3899
RESERVED
More information about the Secure-testing-commits
mailing list