Bug#905304: security-tracker: DSA-4259-1 vs. tracker

Francesco Poli (wintermute) Thu, 02 Aug 2018 13:03:31 -0700

Package: security-tracker
Severity: normal

Hello!


According to [DSA-4259-1], ruby2.3/2.3.3-1+deb9u3 fixes a number of
vulnerabilities, among which CVE-2017-17405, CVE-2017-17742,
CVE-2017-17790, and CVE-2018-6914.

However, the tracker pages for [CVE-2017-17405], [CVE-2017-17742],
[CVE-2017-17790], and [CVE-2018-6914] seem to disagree.

Is the tracker wrong?
Please update the tracker data, then.

Is the DSA wrong?
Please clarify (I searched in the tracker commit history on Salsa,
but I failed to find any explicit explanation about this
discrepancy...).

Thanks for your time!

[DSA-4259-1]: 
<https://lists.debian.org/debian-security-announce/2018/msg00188.html>
[CVE-2017-17405]: <https://security-tracker.debian.org/tracker/CVE-2017-17405>
[CVE-2017-17742]: <https://security-tracker.debian.org/tracker/CVE-2017-17742>
[CVE-2017-17790]: <https://security-tracker.debian.org/tracker/CVE-2017-17790>
[CVE-2018-6914]:  <https://security-tracker.debian.org/tracker/CVE-2018-6914>

Bug#905304: security-tracker: DSA-4259-1 vs. tracker

Reply via email to