[Secure-testing-commits] r40544 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Mar 23 23:06:58 UTC 2016
Author: jmm
Date: 2016-03-23 23:06:58 +0000 (Wed, 23 Mar 2016)
New Revision: 40544
Modified:
data/CVE/list
Log:
remove ruby-jwt entry
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-23 22:44:47 UTC (rev 40543)
+++ data/CVE/list 2016-03-23 23:06:58 UTC (rev 40544)
@@ -27257,10 +27257,9 @@
- pyjwt 1.3.0-1 (bug #781640)
[jessie] - pyjwt 0.2.1-1+deb8u1
NOTE: Added workaround item to reflect entry fixed status, remove once CVE assigned
- - ruby-jwt <unfixed>
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/01/4
NOTE: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
- TODO: check (various libraries)
+ NOTE: ruby-jwt not directly affected, see https://github.com/jwt/ruby-jwt/issues/76
CVE-2015-2810 (Integer overflow in the HwpApp::CHncSDS_Manager function in Hancom ...)
NOT-FOR-US: Hancom Office Hwp
CVE-2015-2809 (The Multicast DNS (mDNS) responder in Synology DiskStation Manager ...)
More information about the Secure-testing-commits
mailing list