[Git][security-tracker-team/security-tracker][master] ruby2.3 removed from unstable
Salvatore Bonaccorso
carnil at debian.org
Tue May 1 04:50:18 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
59c09313 by Salvatore Bonaccorso at 2018-05-01T05:49:51+02:00
ruby2.3 removed from unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4304,7 +4304,7 @@ CVE-2018-8781 (The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the L
CVE-2018-8780 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -4315,7 +4315,7 @@ CVE-2018-8780 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.
CVE-2018-8779 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -4327,7 +4327,7 @@ CVE-2018-8779 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.
CVE-2018-8778 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -4338,7 +4338,7 @@ CVE-2018-8778 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.
CVE-2018-8777 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -8374,7 +8374,7 @@ CVE-2018-1000080 (Ajenti version version 2 contains a Insecure Permissions vulne
- ajenti <itp> (bug #792019)
CVE-2018-1000079 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue, too intrusive to backport)
@@ -8389,7 +8389,7 @@ CVE-2018-1000079 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
CVE-2018-1000078 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- rubygems <removed>
@@ -8399,7 +8399,7 @@ CVE-2018-1000078 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
CVE-2018-1000077 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- rubygems <removed>
@@ -8409,7 +8409,7 @@ CVE-2018-1000077 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
CVE-2018-1000076 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- rubygems <removed>
@@ -8419,7 +8419,7 @@ CVE-2018-1000076 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
CVE-2018-1000075 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- rubygems <removed>
@@ -8429,7 +8429,7 @@ CVE-2018-1000075 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
CVE-2018-1000074 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DLA-1352-1}
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue, too intrusive to backport)
@@ -8440,7 +8440,7 @@ CVE-2018-1000074 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
CVE-2018-1000073 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
- ruby2.5 2.5.0-5
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
[wheezy] - ruby1.9.1 <not-affected> (Vulnerable code not present)
@@ -9477,7 +9477,7 @@ CVE-2018-6915
CVE-2018-6914 (Directory traversal vulnerability in the Dir.mktmpdir method in the ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
@@ -19168,7 +19168,7 @@ CVE-2017-17791
CVE-2017-17790 (The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 ...)
{DLA-1222-1 DLA-1221-1}
- ruby2.5 2.5.0-1 (bug #884878)
- - ruby2.3 <unfixed> (bug #884879)
+ - ruby2.3 <removed> (bug #884879)
[stretch] - ruby2.3 <postponed> (Minor issue, can be fixed along in future DSA)
- ruby2.1 <removed>
[jessie] - ruby2.1 <postponed> (Minor issue, can be fixed along in future DSA)
@@ -19325,7 +19325,7 @@ CVE-2017-17743 (Improper input sanitization within the restricted administration
CVE-2017-17742 (Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
{DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- - ruby2.3 <unfixed>
+ - ruby2.3 <removed>
- ruby2.1 <removed>
- ruby1.9.1 <removed>
- ruby1.8 <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/59c09313be34016c9db8fd5299fdf18e7c042059
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/59c09313be34016c9db8fd5299fdf18e7c042059
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180501/2e58a40a/attachment.html>
More information about the debian-security-tracker-commits
mailing list