[Secure-testing-commits] r58846 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 22 16:11:11 UTC 2017
Author: carnil
Date: 2017-12-22 16:11:11 +0000 (Fri, 22 Dec 2017)
New Revision: 58846
Modified:
data/CVE/list
Log:
Fix for CVE-2017-17405 for ruby2.3 is inclueed in new upstream version 2.3.6
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-22 13:53:30 UTC (rev 58845)
+++ data/CVE/list 2017-12-22 16:11:11 UTC (rev 58846)
@@ -6101,7 +6101,7 @@
RESERVED
CVE-2017-17405 (Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, ...)
- ruby2.5 <unfixed> (bug #884437)
- - ruby2.3 <unfixed> (bug #884438)
+ - ruby2.3 2.3.6-1 (bug #884438)
[stretch] - ruby2.3 <postponed> (Minor issue, can be fixed along in a future update)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
More information about the Secure-testing-commits
mailing list