[Secure-testing-commits] r55356 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Sep 1 05:24:55 UTC 2017
Author: carnil
Date: 2017-09-01 05:24:55 +0000 (Fri, 01 Sep 2017)
New Revision: 55356
Modified:
data/CVE/list
Log:
Add new ruby issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-01 05:13:25 UTC (rev 55355)
+++ data/CVE/list 2017-09-01 05:24:55 UTC (rev 55356)
@@ -25,7 +25,11 @@
CVE-2017-14065
RESERVED
CVE-2017-14064 (Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can ...)
- TODO: check
+ - ruby2.3 <unfixed>
+ - ruby2.1 <removed>
+ - ruby1.9.1 <removed>
+ NOTE: https://bugs.ruby-lang.org/issues/13853
+ NOTE: https://github.com/flori/json/commit/8f782fd8e181d9cfe9387ded43a5ca9692266b85
CVE-2017-14062 (Integer overflow in the decode_digit function in puny_decode.c in ...)
- libidn2-0 <unfixed> (bug #873902)
- libidn <unfixed> (bug #873903)
More information about the Secure-testing-commits
mailing list