[Git][security-tracker-team/security-tracker][master] ruby-grape, bouncycastle no-dsa

Moritz Muehlenhoff jmm at debian.org
Fri Jul 13 20:23:42 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e3bb788e by Moritz Muehlenhoff at 2018-07-13T21:23:14+02:00
ruby-grape, bouncycastle no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -567,7 +567,8 @@ CVE-2018-1000615 (ONOS ONOS Controller version 1.13.1 and earlier contains a Den
 CVE-2018-1000614 (ONOS ONOS Controller version 1.13.1 and earlier contains a XML ...)
 	NOT-FOR-US: ONOS
 CVE-2018-1000613 (Legion of the Bouncy Castle Legion of the Bouncy Castle Java ...)
-	- bouncycastle 1.60-1
+	- bouncycastle 1.60-1 (low)
+	[stretch] - bouncycastle <no-dsa> (Minor issue)
 	NOTE: https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574
 	NOTE: https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc
 CVE-2018-1000611 (SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross ...)
@@ -27393,6 +27394,7 @@ CVE-2018-3770
 	RESERVED
 CVE-2018-3769 (ruby-grape ruby gem suffers from a cross-site scripting (XSS) ...)
 	- ruby-grape <unfixed> (bug #903086)
+	[stretch] - ruby-grape <no-dsa> (Minor issue)
 	NOTE: https://github.com/ruby-grape/grape/commit/6876b71efc7b03f7ce1be3f075eaa4e7e6de19af
 	NOTE: https://github.com/ruby-grape/grape/issues/1762
 	NOTE: https://github.com/ruby-grape/grape/pull/1763



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e3bb788e26c2af66725d1ac973873683c77917b4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e3bb788e26c2af66725d1ac973873683c77917b4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180713/e53d671e/attachment.html>

More information about the debian-security-tracker-commits mailing list