[Secure-testing-commits] r56561 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Oct 10 04:53:35 UTC 2017
Author: carnil
Date: 2017-10-10 04:53:35 +0000 (Tue, 10 Oct 2017)
New Revision: 56561
Modified:
data/CVE/list
Log:
Add new ruby issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-10 04:48:05 UTC (rev 56560)
+++ data/CVE/list 2017-10-10 04:53:35 UTC (rev 56561)
@@ -40823,8 +40823,13 @@
RESERVED
CVE-2017-0904
RESERVED
-CVE-2017-0903
+CVE-2017-0903 [Unsafe Object Deserialization Vulnerability]
RESERVED
+ - ruby2.3 <unfixed>
+ - ruby2.1 <removed>
+ - ruby1.9.1 <removed>
+ - rubygems <removed>
+ NOTE: http://www.openwall.com/lists/oss-security/2017/10/10/2
CVE-2017-0902 (RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking ...)
{DSA-3966-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #873802)
More information about the Secure-testing-commits
mailing list