Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0815b33b by Salvatore Bonaccorso at 2018-07-13T20:55:36+02:00 Remove no-dsa/postponed tagged entries for ruby2.1 which got update in DLA-1421-1 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -28451,7 +28451,6 @@ CVE-2017-17790 (The lazy_initialize function in lib/resolv.rb in Ruby through 2. - ruby2.3 <removed> (bug #884879) [stretch] - ruby2.3 <postponed> (Minor issue, can be fixed along in future DSA) - ruby2.1 <removed> - [jessie] - ruby2.1 <postponed> (Minor issue, can be fixed along in future DSA) - ruby1.9.1 <removed> - ruby1.8 <removed> NOTE: https://github.com/ruby/ruby/pull/1777 @@ -61064,7 +61063,6 @@ CVE-2015-9096 (Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command inje {DSA-3966-1} - ruby2.3 2.3.3-1+deb9u1 (bug #864860) - ruby2.1 <removed> - [jessie] - ruby2.1 <no-dsa> (Minor issue) - ruby1.9.1 <removed> [wheezy] - ruby1.9.1 <no-dsa> (Minor issue, Net::SMTP users should validate data they send too) - ruby1.8 <removed> @@ -94830,7 +94828,6 @@ CVE-2016-7798 (The openssl gem for Ruby uses the same initialization vector (IV) {DSA-3966-1} - ruby2.3 2.3.3-1+deb9u1 (bug #842432) - ruby2.1 <removed> (bug #842544) - [jessie] - ruby2.1 <no-dsa> (Minor issue) NOTE: https://github.com/ruby/openssl/issues/49 NOTE: https://github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062 - ruby-attr-encrypted 3.0.1-2 @@ -112278,7 +112275,6 @@ CVE-2016-2340 (The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows CVE-2016-2339 (An exploitable heap overflow vulnerability exists in the ...) - ruby2.3 2.3.0-1 - ruby2.1 <removed> (bug #851161) - [jessie] - ruby2.1 <no-dsa> (Minor issue) NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0034/ NOTE: Fixed by: https://github.com/ruby/ruby/commit/bcc2421b4938fc1d9f5f3fb6ef2320571b27af42 NOTE: Fixed by: https://github.com/ruby/ruby/commit/de577357e80fa15f5cf13a81aa3decc783ea929e View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0815b33b245370cdf7ce07a6a3e3909d1c5a1b8c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0815b33b245370cdf7ce07a6a3e3909d1c5a1b8c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits