[Secure-testing-commits] r55807 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 16 08:07:28 UTC 2017
Author: carnil
Date: 2017-09-16 08:07:27 +0000 (Sat, 16 Sep 2017)
New Revision: 55807
Modified:
data/CVE/list
Log:
Add CVE-2017-10784/ruby
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-16 06:18:25 UTC (rev 55806)
+++ data/CVE/list 2017-09-16 08:07:27 UTC (rev 55807)
@@ -10444,8 +10444,13 @@
RESERVED
CVE-2017-10785
RESERVED
-CVE-2017-10784
+CVE-2017-10784 [Escape sequence injection vulnerability in the Basic authentication of WEBrick]
RESERVED
+ - ruby2.3 <unfixed>
+ - ruby2.1 <removed>
+ - ruby1.9.1 <removed>
+ - ruby1.8 <removed>
+ NOTE: https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/
CVE-2017-10783 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
CVE-2017-10782 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
More information about the Secure-testing-commits
mailing list