[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add commit for CVE-2018-8778
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 5 05:31:48 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
838aa9ae by Salvatore Bonaccorso at 2018-04-05T06:31:29+02:00
Add commit for CVE-2018-8778
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1324,6 +1324,7 @@ CVE-2018-8778 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.
- ruby1.9.1 <removed>
NOTE: https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/
NOTE: https://hackerone.com/reports/298246
+ NOTE: Fixed by: https://github.com/ruby/ruby/commit/d02b7bd864706fc2a40d83fb6014772ad3cc3b80
NOTE: Fixed by: https://github.com/ruby/ruby/commit/4cd92d7b13002161a3452a0fe278b877901a8859 (2.2.10)
CVE-2018-8777 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
- ruby2.5 2.5.1-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/838aa9aecb9b94d008232c5032fc43319da0fee0
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/838aa9aecb9b94d008232c5032fc43319da0fee0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180405/8a3d58bd/attachment.html>
More information about the debian-security-tracker-commits
mailing list