[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2016-7954: Remove "yet" from the wording

Salvatore Bonaccorso carnil at debian.org
Sat Feb 8 06:51:44 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
18636a65 by Salvatore Bonaccorso at 2020-02-08T07:50:20+01:00
CVE-2016-7954: Remove "yet" from the wording

- - - - -
a036cb5e by Salvatore Bonaccorso at 2020-02-08T07:51:14+01:00
Add fixed version via unstable for CVE-2016-7954/bundler

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -187650,13 +187650,13 @@ CVE-2016-7956
 CVE-2016-7955 (The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, ...)
 	NOT-FOR-US: AlienVault OSSIM
 CVE-2016-7954 (Bundler 1.x might allow remote attackers to inject arbitrary Ruby code ...)
-	- bundler <unfixed> (bug #842504)
+	- bundler 2.1.4-1 (bug #842504)
 	[buster] - bundler <ignored> (Minor issue, too intrusive to backport)
 	[stretch] - bundler <ignored> (Minor issue, too intrusive to backport)
 	[jessie] - bundler <ignored> (Minor issue, too intrusive to backport)
 	[wheezy] - bundler <no-dsa> (Minor issue, too intrusive to backport)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/10/04/5
-	NOTE: There is no plan (yet) from upstream to address this for bundler 1.x
+	NOTE: There is no plan from upstream to address this for bundler 1.x
 	NOTE: due to lockfile format.
 CVE-2016-7953 (Buffer underflow in X.org libXvMC before 1.0.10 allows remote X server ...)
 	{DLA-671-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/f92e43c6b386153ab98434e136aa1d2792a00854...a036cb5efa58d1e1003136f831ad2c866769a86b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/f92e43c6b386153ab98434e136aa1d2792a00854...a036cb5efa58d1e1003136f831ad2c866769a86b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200208/0064e697/attachment.html>

More information about the debian-security-tracker-commits mailing list