[Secure-testing-commits] r56162 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Tue Sep 26 18:24:00 UTC 2017
Author: anarcat
Date: 2017-09-26 18:23:59 +0000 (Tue, 26 Sep 2017)
New Revision: 56162
Modified:
data/CVE/list
Log:
ruby 1.8 not affected by CVE-2017-14033: test does not fail
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-26 18:22:10 UTC (rev 56161)
+++ data/CVE/list 2017-09-26 18:23:59 UTC (rev 56162)
@@ -1972,7 +1972,7 @@
- ruby2.3 <unfixed> (bug #875928)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- - ruby1.8 <removed>
+ - ruby1.8 <not-affected> (vunlerable code not present)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1058757
NOTE: https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/
NOTE: https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b
More information about the Secure-testing-commits
mailing list