[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new ruby issue
Moritz Muehlenhoff
jmm at debian.org
Fri Mar 30 09:02:33 UTC 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
114c743b by Moritz Muehlenhoff at 2018-03-30T11:02:07+02:00
new ruby issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5889,8 +5889,13 @@ CVE-2018-6916 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, ...)
NOTE: kfreebsd not covered by security support
CVE-2018-6915
RESERVED
-CVE-2018-6914
+CVE-2018-6914 [Unintentional file and directory creation with directory traversal in tempfile and tmpdir]
RESERVED
+ - ruby2.5 <unfixed>
+ - ruby2.3 <unfixed>
+ - ruby2.1 <removed>
+ - ruby1.9.1 <removed>
+ NOTE: https://www.ruby-lang.org/en/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/
CVE-2018-1000063
REJECTED
CVE-2017-18179 (Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/114c743b908f60b20763f8b2af852e5dd47f0a2f
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/114c743b908f60b20763f8b2af852e5dd47f0a2f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180330/e82d2cc7/attachment.html>
More information about the Secure-testing-commits
mailing list