[Git][security-tracker-team/security-tracker][master] Remove no-dsa/postponed tagged entries for ruby2.1 which got update in DLA-1421-1

Salvatore Bonaccorso carnil at debian.org
Fri Jul 13 19:56:13 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0815b33b by Salvatore Bonaccorso at 2018-07-13T20:55:36+02:00
Remove no-dsa/postponed tagged entries for ruby2.1 which got update in DLA-1421-1

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -28451,7 +28451,6 @@ CVE-2017-17790 (The lazy_initialize function in lib/resolv.rb in Ruby through 2.
 	- ruby2.3 <removed> (bug #884879)
 	[stretch] - ruby2.3 <postponed> (Minor issue, can be fixed along in future DSA)
 	- ruby2.1 <removed>
-	[jessie] - ruby2.1 <postponed> (Minor issue, can be fixed along in future DSA)
 	- ruby1.9.1 <removed>
 	- ruby1.8 <removed>
 	NOTE: https://github.com/ruby/ruby/pull/1777
@@ -61064,7 +61063,6 @@ CVE-2015-9096 (Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command inje
 	{DSA-3966-1}
 	- ruby2.3 2.3.3-1+deb9u1 (bug #864860)
 	- ruby2.1 <removed>
-	[jessie] - ruby2.1 <no-dsa> (Minor issue)
 	- ruby1.9.1 <removed>
 	[wheezy] - ruby1.9.1 <no-dsa> (Minor issue, Net::SMTP users should validate data they send too)
 	- ruby1.8 <removed>
@@ -94830,7 +94828,6 @@ CVE-2016-7798 (The openssl gem for Ruby uses the same initialization vector (IV)
 	{DSA-3966-1}
 	- ruby2.3 2.3.3-1+deb9u1 (bug #842432)
 	- ruby2.1 <removed> (bug #842544)
-	[jessie] - ruby2.1 <no-dsa> (Minor issue)
 	NOTE: https://github.com/ruby/openssl/issues/49
 	NOTE: https://github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062
 	- ruby-attr-encrypted 3.0.1-2
@@ -112278,7 +112275,6 @@ CVE-2016-2340 (The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows 
 CVE-2016-2339 (An exploitable heap overflow vulnerability exists in the ...)
 	- ruby2.3 2.3.0-1
 	- ruby2.1 <removed> (bug #851161)
-	[jessie] - ruby2.1 <no-dsa> (Minor issue)
 	NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0034/
 	NOTE: Fixed by: https://github.com/ruby/ruby/commit/bcc2421b4938fc1d9f5f3fb6ef2320571b27af42
 	NOTE: Fixed by: https://github.com/ruby/ruby/commit/de577357e80fa15f5cf13a81aa3decc783ea929e



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0815b33b245370cdf7ce07a6a3e3909d1c5a1b8c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0815b33b245370cdf7ce07a6a3e3909d1c5a1b8c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180713/c641bfde/attachment.html>

More information about the debian-security-tracker-commits mailing list