[Secure-testing-commits] r57563 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat Nov 11 21:10:14 UTC 2017


Author: sectracker
Date: 2017-11-11 21:10:14 +0000 (Sat, 11 Nov 2017)
New Revision: 57563

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-11 20:32:20 UTC (rev 57562)
+++ data/CVE/list	2017-11-11 21:10:14 UTC (rev 57563)
@@ -7682,7 +7682,7 @@
 CVE-2017-14034
 	RESERVED
 CVE-2017-14033 (The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, ...)
-	{DLA-1114-1}
+	{DSA-4031-1 DLA-1114-1}
 	- ruby2.3 <unfixed> (bug #875928)
 	- ruby2.1 <removed>
 	- ruby1.9.1 <removed>
@@ -17180,7 +17180,7 @@
 CVE-2017-10785
 	RESERVED
 CVE-2017-10784 (The Basic authentication code in WEBrick library in Ruby before 2.2.8, ...)
-	{DLA-1114-1 DLA-1113-1}
+	{DSA-4031-1 DLA-1114-1 DLA-1113-1}
 	- ruby2.3 <unfixed> (bug #875931)
 	- ruby2.1 <removed>
 	- ruby1.9.1 <removed>
@@ -23030,7 +23030,7 @@
 	RESERVED
 CVE-2017-8806
 	RESERVED
-	{DSA-4029-1}
+	{DSA-4029-1 DLA-1169-1}
 	- postgresql-common 188
 CVE-2017-8805 (Debian ftpsync before 20171017 does not use the rsync --safe-links ...)
 	- archvsync 20171017
@@ -45883,6 +45883,7 @@
 CVE-2017-0904
 	RESERVED
 CVE-2017-0903 (RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a ...)
+	{DSA-4031-1}
 	- ruby2.3 <unfixed> (bug #879231)
 	- ruby2.1 <removed>
 	- ruby1.9.1 <removed>
@@ -45936,7 +45937,7 @@
 	NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
 	NOTE: Not considered a vulnerability per se, if this affects a terminal emulator it's a bug there
 CVE-2017-0898 (Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious ...)
-	{DLA-1114-1 DLA-1113-1}
+	{DSA-4031-1 DLA-1114-1 DLA-1113-1}
 	- ruby2.3 <unfixed> (bug #875936)
 	- ruby2.1 <removed>
 	- ruby1.9.1 <removed>




More information about the Secure-testing-commits mailing list