[Git][security-tracker-team/security-tracker][master] CVE-2016-2338/ruby2.1: reference missing patch

Tue Jul 16 20:07:38 BST 2024


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
88ed3e2e by Sylvain Beucler at 2024-07-16T21:06:34+02:00
CVE-2016-2338/ruby2.1: reference missing patch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -541529,7 +541529,8 @@ CVE-2016-2338 (An exploitable heap overflow vulnerability exists in the Psych::E
 	- ruby2.3 2.3.0-1
 	- ruby2.1 <removed>
 	NOTE: https://talosintelligence.com/reports/TALOS-2016-0032
-	NOTE: https://git.ruby-lang.org/ruby.git/commit/?id=db48c307944a9a18877236bdf9e9b778875f38ed
+	NOTE: https://git.ruby-lang.org/ruby.git/commit/?id=cc0313436160b735a3d41361cb5e3eeb10fcbdad (v2_3_0)
+	NOTE: https://git.ruby-lang.org/ruby.git/commit/?id=db48c307944a9a18877236bdf9e9b778875f38ed (v2_3_0)
 CVE-2016-2337 (Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Att ...)
 	{DLA-1480-1}
 	- ruby2.3 2.3.0-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88ed3e2eefe095172bf01c45d590496d002f206e

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88ed3e2eefe095172bf01c45d590496d002f206e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240716/9b81842d/attachment.htm>
