[Secure-testing-commits] r45040 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Oct 4 20:25:45 UTC 2016
Author: carnil
Date: 2016-10-04 20:25:45 +0000 (Tue, 04 Oct 2016)
New Revision: 45040
Modified:
data/CVE/list
Log:
Add CVE-2016-7954/bundler
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-04 20:19:11 UTC (rev 45039)
+++ data/CVE/list 2016-10-04 20:25:45 UTC (rev 45040)
@@ -1598,8 +1598,12 @@
RESERVED
CVE-2016-7955
RESERVED
-CVE-2016-7954
+CVE-2016-7954 [code execution via gem name collission in bundler]
RESERVED
+ - bundler <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2016/10/04/5
+ NOTE: There is no plan (yet) from upstream to address this for bundler 1.x
+ TODO: check
CVE-2016-7953
RESERVED
- libxvmc <unfixed>
More information about the Secure-testing-commits
mailing list