Author: sectracker
Date: 2017-11-11 21:10:14 +0000 (Sat, 11 Nov 2017)
New Revision: 57563
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-11 20:32:20 UTC (rev 57562)
+++ data/CVE/list 2017-11-11 21:10:14 UTC (rev 57563)
@@ -7682,7 +7682,7 @@
CVE-2017-14034
RESERVED
CVE-2017-14033 (The decode method in the OpenSSL::ASN1 module in Ruby before
2.2.8, ...)
- {DLA-1114-1}
+ {DSA-4031-1 DLA-1114-1}
- ruby2.3 <unfixed> (bug #875928)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
@@ -17180,7 +17180,7 @@
CVE-2017-10785
RESERVED
CVE-2017-10784 (The Basic authentication code in WEBrick library in Ruby
before 2.2.8, ...)
- {DLA-1114-1 DLA-1113-1}
+ {DSA-4031-1 DLA-1114-1 DLA-1113-1}
- ruby2.3 <unfixed> (bug #875931)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
@@ -23030,7 +23030,7 @@
RESERVED
CVE-2017-8806
RESERVED
- {DSA-4029-1}
+ {DSA-4029-1 DLA-1169-1}
- postgresql-common 188
CVE-2017-8805 (Debian ftpsync before 20171017 does not use the rsync
--safe-links ...)
- archvsync 20171017
@@ -45883,6 +45883,7 @@
CVE-2017-0904
RESERVED
CVE-2017-0903 (RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a
...)
+ {DSA-4031-1}
- ruby2.3 <unfixed> (bug #879231)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
@@ -45936,7 +45937,7 @@
NOTE: For Ruby 2.2.7:
https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
NOTE: Not considered a vulnerability per se, if this affects a terminal
emulator it's a bug there
CVE-2017-0898 (Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a
malicious ...)
- {DLA-1114-1 DLA-1113-1}
+ {DSA-4031-1 DLA-1114-1 DLA-1113-1}
- ruby2.3 <unfixed> (bug #875936)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
