[Secure-testing-commits] r55322 - data/CVE

Antoine Beaupré anarcat at moszumanska.debian.org
Thu Aug 31 15:55:50 UTC 2017


Author: anarcat
Date: 2017-08-31 15:55:50 +0000 (Thu, 31 Aug 2017)
New Revision: 55322

Modified:
   data/CVE/list
Log:
clarify descriptions of ruby vulnerabilities



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-31 15:37:07 UTC (rev 55321)
+++ data/CVE/list	2017-08-31 15:55:50 UTC (rev 55322)
@@ -36959,7 +36959,7 @@
 	RESERVED
 CVE-2017-0903
 	RESERVED
-CVE-2017-0902 [DNS issue]
+CVE-2017-0902 [DNS request hijacking vulnerability]
 	RESERVED
 	- ruby2.3 <unfixed> (bug #873802)
 	- ruby2.1 <removed>
@@ -36969,7 +36969,7 @@
 	NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
 	NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
 	NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
-CVE-2017-0901 [overwrite any file]
+CVE-2017-0901 [gem installer allows a malicious gem to overwrite arbitrary files]
 	RESERVED
 	- ruby2.3 <unfixed> (bug #873802)
 	- ruby2.1 <removed>
@@ -36979,7 +36979,7 @@
 	NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
 	NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
 	NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
-CVE-2017-0900 [query command]
+CVE-2017-0900 [DOS vulernerability in the query command]
 	RESERVED
 	- ruby2.3 <unfixed> (bug #873802)
 	- ruby2.1 <removed>
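Review bot: The added line for CVE-2017-0900 misspells "vulnerability" as "vulernerability", and "DOS" is conventionally written "DoS" for denial of service. Suggest "+CVE-2017-0900 [DoS vulnerability in the query command]" so that a search of data/CVE/list for "vulnerability" also matches this entry.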
@@ -36989,7 +36989,7 @@
 	NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
 	NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
 	NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
-CVE-2017-0899 [ANSI escape issue]
+CVE-2017-0899 [ANSI escape sequence vulnerability]
 	RESERVED
 	- ruby2.3 <unfixed> (bug #873802)
 	- ruby2.1 <removed>
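Review bot: The new description for CVE-2017-0899, "ANSI escape sequence vulnerability", still does not say which component processes the escape sequences or what the effect is, unlike the CVE-2017-0901 and CVE-2017-0900 descriptions in this same commit, which name the gem installer and the query command. Consider naming the affected command or output path here as well, taking the wording from the rubygems 2.6.13 release announcement referenced in the NOTE lines.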



