[Secure-testing-commits] r10963 - data/CVE

nion Thu, 15 Jan 2009 10:40:31 -0800

Author: nion
Date: 2009-01-15 18:39:53 +0000 (Thu, 15 Jan 2009)
New Revision: 10963


Modified:
   data/CVE/list
Log:
CVE-2008-3443 fixed in ruby1.9 1.9.0.2-9

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-01-15 18:11:21 UTC (rev 10962)
+++ data/CVE/list       2009-01-15 18:39:53 UTC (rev 10963)
@@ -6216,8 +6216,10 @@
 CVE-2008-3443 (The regular expression engine (regex.c) in Ruby 1.8.5 and 
earlier, ...)
        {DSA-1695-1}
        - ruby1.8 1.8.7.72-1 (low; bug #494401)
-       - ruby1.9 <unfixed> (low)
+       - ruby1.9 1.9.0.2-9 (low)
        NOTE: Upstream commits 18212 (for 1.8) and 18213 (for 1.9).
+       NOTE: this specific problem does not exist in ruby1.9 but a very 
similar problem
+       NOTE: that has been fixed in this version (308_regexp_segv.dpatch)
 CVE-2008-3442 (WinZip before 11.0 does not properly verify the authenticity of 
...)
        NOT-FOR-US: WinZip
 CVE-2008-3441 (Nullsoft Winamp before 5.24 does not properly verify the 
authenticity ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r10963 - data/CVE

Reply via email to