[Secure-testing-commits] r54622 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Aug 11 14:37:41 UTC 2017
Author: jmm
Date: 2017-08-11 14:37:41 +0000 (Fri, 11 Aug 2017)
New Revision: 54622
Modified:
data/CVE/list
Log:
ruby-passenger no-dsa, remove n/a entryy for wheezy, it's clearly affected
mark arc as ignored
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-11 14:27:52 UTC (rev 54621)
+++ data/CVE/list 2017-08-11 14:37:41 UTC (rev 54622)
@@ -70014,9 +70014,10 @@
{DLA-394-1}
- passenger 5.0.22-1 (bug #807354)
- ruby-passenger <removed> (bug #864651)
- [wheezy] - ruby-passenger <not-affected> (Vulnerable code not present)
+ [jessie] - ruby-passenger <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=956281
- NOTE: https://github.com/phusion/passenger/commit/ddb8ecc4ebf260e4967f57f271d4f5761abeac3e
+ NOTE: https://github.com/phusion/passenger/commit/c04590871ca0878d4d3ac1220c5a554b049056b4 (4.x)
+ NOTE: https://github.com/phusion/passenger/commit/ddb8ecc4ebf260e4967f57f271d4f5761abeac3e (5.x)
CVE-2015-7518 (Multiple cross-site scripting (XSS) vulnerabilities in information ...)
- foreman <itp> (bug #663101)
CVE-2015-7517
@@ -90879,8 +90880,8 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
CVE-2015-XXXX [directory traversal]
- arc <unfixed> (low; bug #774527)
- [stretch] - arc <no-dsa> (Minor issue)
- [jessie] - arc <no-dsa> (Minor issue)
+ [stretch] - arc <ignored> (Minor issue)
+ [jessie] - arc <ignored> (Minor issue)
[wheezy] - arc <no-dsa> (Minor issue)
[squeeze] - arc <no-dsa> (Minor issue)
CVE-2015-XXXX [saves unknown host's fingerprint in known_hosts without any prompt]
More information about the Secure-testing-commits
mailing list