[Secure-testing-commits] r55323 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Thu Aug 31 15:59:41 UTC 2017
Author: anarcat
Date: 2017-08-31 15:59:41 +0000 (Thu, 31 Aug 2017)
New Revision: 55323
Modified:
data/CVE/list
Log:
CVE-2017-0902 N/A in wheezy
this concerns SRV lookup code that was introduce later (present in 2.1
and above)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-31 15:55:50 UTC (rev 55322)
+++ data/CVE/list 2017-08-31 15:59:41 UTC (rev 55323)
@@ -36964,7 +36964,9 @@
- ruby2.3 <unfixed> (bug #873802)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
+ [wheezy] - ruby1.9.1 <not-affected> (Vulnerable code introduced later)
- rubygems <removed>
+ [wheezy] - rubygems <not-affected> (Vulnerable code introduced later)
NOTE: https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
More information about the Secure-testing-commits
mailing list