[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2015-7519,ruby-passenger: Will be fixed in Jessie
Markus Koschany
apo at debian.org
Wed Jun 27 19:30:19 BST 2018
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cd6cfe7d by Markus Koschany at 2018-06-27T20:29:06+02:00
CVE-2015-7519,ruby-passenger: Will be fixed in Jessie
- - - - -
d46b2d6a by Markus Koschany at 2018-06-27T20:30:09+02:00
Reserve DLA-1399-1 for ruby-passenger
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -120632,7 +120632,6 @@ CVE-2015-7519 (agent/Core/Controller/SendRequest.cpp in Phusion Passenger before
{DLA-394-1}
- passenger 5.0.22-1 (bug #807354)
- ruby-passenger <removed> (bug #864651)
- [jessie] - ruby-passenger <no-dsa> (Minor issue)
[wheezy] - ruby-passenger <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=956281
NOTE: https://github.com/phusion/passenger/commit/c04590871ca0878d4d3ac1220c5a554b049056b4 (4.x)
=====================================
data/DLA/list
=====================================
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[27 Jun 2018] DLA-1399-1 ruby-passenger - security update
+ {CVE-2015-7519 CVE-2018-12029}
+ [jessie] - ruby-passenger 4.0.53-1+deb8u1
[27 Jun 2018] DLA-1398-1 php-horde-crypt - security update
{CVE-2017-7413 CVE-2017-7414}
[jessie] - php-horde-crypt 2.5.0-5+deb8u1
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -93,8 +93,6 @@ phpmyadmin (Abhijith PA)
--
qemu
--
-ruby-passenger (Markus Koschany)
---
simplesamlphp
NOTE: CVE-2017-12872 fixed in wheezy.
NOTE: CVE-2017-12868 probably not affected as jessie has php 5.6. Should be double-checked though.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/380deb247dfd3d9b3df025489c00cb3a0e0e5b3c...d46b2d6af8b420312834d9431b91ac113a4c2a34
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/380deb247dfd3d9b3df025489c00cb3a0e0e5b3c...d46b2d6af8b420312834d9431b91ac113a4c2a34
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180627/61aebd7e/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list