[Secure-testing-commits] r39165 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Jan 25 20:24:38 UTC 2016


Author: carnil
Date: 2016-01-25 20:24:38 +0000 (Mon, 25 Jan 2016)
New Revision: 39165

Modified:
   data/CVE/list
Log:
CVE-2015-7551/ruby2.2 fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-25 20:18:44 UTC (rev 39164)
+++ data/CVE/list	2016-01-25 20:24:38 UTC (rev 39165)
@@ -8491,7 +8491,7 @@
 	- ruby2.0 <removed>
 	- ruby2.1 <unfixed> (bug #796344)
 	[jessie] - ruby2.1 <no-dsa> (Minor issue)
-	- ruby2.2 <unfixed> (bug #796551)
+	- ruby2.2 2.2.4-1 (bug #796551)
 	NOTE: https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/
 	TODO: check correctness for CVE-2009-5147/CVE-2015-7551 record since affects multiple ruby versions
 CVE-2015-7550 [Linux keyring subsystem race leads to null dereference]




More information about the Secure-testing-commits mailing list