[Secure-testing-commits] r34599 - data/CVE
Thorsten Alteholz
alteholz at moszumanska.debian.org
Sat May 30 18:17:52 UTC 2015
Author: alteholz
Date: 2015-05-30 18:17:52 +0000 (Sat, 30 May 2015)
New Revision: 34599
Modified:
data/CVE/list
Log:
added notes to other open ruby CVEs in squeeze
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-30 18:12:00 UTC (rev 34598)
+++ data/CVE/list 2015-05-30 18:17:52 UTC (rev 34599)
@@ -62304,7 +62304,7 @@
- linux <not-affected> (Vulnerable code introduced in 3.3)
CVE-2012-4466 (Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 ...)
- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
- [squeeze] - ruby1.9.1 <no-dsa> (Minor issue)
+ [squeeze] - ruby1.9.1 <not-affected> (Minor issue, please recheck)
CVE-2012-4465 (Heap-based buffer overflow in the substr function in parsing.c in cgit ...)
- cgit <not-affected> (Fixed before the initial upload into the archive)
CVE-2012-4464 (Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows ...)
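Review bot: The changed [squeeze] line for CVE-2012-4466 moves the status from <no-dsa> to <not-affected>, but the note still reads "Minor issue" and adds "please recheck", so the entry records a definitive status that its own note calls unverified. The commit log also describes this revision as only adding notes, while this line changes the triage state. Either keep <no-dsa> with the recheck note until the squeeze package has been checked, or keep <not-affected> and replace the note with the reason the squeeze version is unaffected, which the entry currently does not give.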
@@ -78059,7 +78059,7 @@
- ruby1.9 <removed> (low; bug #646020)
[lenny] - ruby1.9 <no-dsa> (Minor issue)
- ruby1.9.1 <removed> (low; bug #646020)
- [squeeze] - ruby1.9.1 <no-dsa> (Minor issue)
+ [squeeze] - ruby1.9.1 <no-dsa> (Minor issue, there seems to be no patch upstream)
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue)
CVE-2011-3623 (Multiple stack-based buffer overflows in VideoLAN VLC media player ...)
- vlc 1.1.3-1
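Review bot: The new [squeeze] note "there seems to be no patch upstream" is hedged and carries no reference, so a later reader cannot tell what was checked. Consider pointing to the upstream report or to bug #646020, which is already cited on the ruby1.9.1 line above. The [wheezy] line directly below has the same package and <no-dsa> status but keeps the bare "Minor issue"; if the lack of an upstream patch is the reason, the same note belongs there too.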
@@ -85880,7 +85880,7 @@
[squeeze] - ruby1.8 <no-dsa> (Minor issue)
- ruby1.9 <removed> (bug #615519)
[lenny] - ruby1.9 <no-dsa> (Minor issue)
- [squeeze] - ruby1.9 <no-dsa> (Minor issue)
+ [squeeze] - ruby1.9 <no-dsa> (Minor issue, patch would change behaviour and might break things)
- ruby1.9.1 1.9.2.180-1 (bug #615519)
CVE-2011-1003 (Double free vulnerability in the vba_read_project_strings function in ...)
- clamav 0.97+dfsg-1 (low)
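Review bot: The new note on the [squeeze] ruby1.9 line, "patch would change behaviour and might break things", does not say which patch or which behaviour is meant, which makes the no-dsa decision hard to revisit later. A pointer to the fix discussed in bug #615519 (cited on the adjacent lines) would make it traceable. The [squeeze] ruby1.8 and [lenny] ruby1.9 lines in the same entry keep the bare "Minor issue"; if the same backport concern applies to them, note it there as well, otherwise say why it is specific to ruby1.9 in squeeze.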