[Secure-testing-commits] r55323 - data/CVE

Antoine Beaupré anarcat at moszumanska.debian.org
Thu Aug 31 15:59:41 UTC 2017


Author: anarcat
Date: 2017-08-31 15:59:41 +0000 (Thu, 31 Aug 2017)
New Revision: 55323

Modified:
   data/CVE/list
Log:
CVE-2017-0902 N/A in wheezy

this concerns SRV lookup code that was introduce later (present in 2.1
and above)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-31 15:55:50 UTC (rev 55322)
+++ data/CVE/list	2017-08-31 15:59:41 UTC (rev 55323)
@@ -36964,7 +36964,9 @@
 	- ruby2.3 <unfixed> (bug #873802)
 	- ruby2.1 <removed>
 	- ruby1.9.1 <removed>
+	[wheezy] - ruby1.9.1 <not-affected> (Vulnerable code introduced later)
 	- rubygems <removed>
+	[wheezy] - rubygems <not-affected> (Vulnerable code introduced later)
 	NOTE: https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
 	NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
 	NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch




More information about the Secure-testing-commits mailing list