[Secure-testing-commits] r39341 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 30 09:43:15 UTC 2016
Author: carnil
Date: 2016-01-30 09:43:14 +0000 (Sat, 30 Jan 2016)
New Revision: 39341
Modified:
data/CVE/list
Log:
Two more older gitlab CVEs as not-affecteed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-30 09:40:51 UTC (rev 39340)
+++ data/CVE/list 2016-01-30 09:43:14 UTC (rev 39341)
@@ -63560,11 +63560,9 @@
- rails <not-affected> (Vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
CVE-2013-4490 (The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before ...)
- - gitlab <unfixed>
- TODO: check version which entered the archive
+ - gitlab <not-affected> (Fixed before initial release to Debian)
CVE-2013-4489 (The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x ...)
- - gitlab <unfixed>
- TODO: check version which entered the archive
+ - gitlab <not-affected> (Fixed before initial release to Debian)
CVE-2013-4488 (libgadu before 1.12.0 does not verify X.509 certificates from SSL ...)
- libgadu <unfixed> (unimportant)
NOTE: Intentional design decision
More information about the Secure-testing-commits
mailing list