[Secure-testing-commits] r57936 - in data: . CVE

Emilio Pozuelo Monfort pochu at moszumanska.debian.org
Wed Nov 22 19:33:52 UTC 2017


Author: pochu
Date: 2017-11-22 19:33:52 +0000 (Wed, 22 Nov 2017)
New Revision: 57936

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
ruby-passenger n/a on wheezy

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-22 19:19:28 UTC (rev 57935)
+++ data/CVE/list	2017-11-22 19:33:52 UTC (rev 57936)
@@ -2075,6 +2075,7 @@
 	- passenger <unfixed>
 	- ruby-passenger <removed>
 	[jessie] - ruby-passenger <no-dsa> (Minor issue)
+	[wheezy] - ruby-passenger <not-affected> (Vulnerable code introduced later)
 	NOTE: https://blog.phusion.nl/2017/10/13/passenger-security-advisory-5-1-11/
 	NOTE: https://github.com/phusion/passenger/commit/4043718264095cde6623c2cbe8c644541036d7bf
 	NOTE: http://www.openwall.com/lists/oss-security/2017/11/21/2 and following.

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2017-11-22 19:19:28 UTC (rev 57935)
+++ data/dla-needed.txt	2017-11-22 19:33:52 UTC (rev 57936)
@@ -84,8 +84,6 @@
 rtpproxy
   NOTE: it's not clear to me if a fix is even possible. -- Raphaël Hertzog
 --
-ruby-passenger (Emilio Pozuelo)
---
 simplesamlphp
   NOTE: 2017-09-04: Maintainer will handle this.
   NOTE: https://lists.debian.org/debian-lts/2017/09/msg00010.html




More information about the Secure-testing-commits mailing list