[Git][security-tracker-team/security-tracker][master] ruby-grape, bouncycastle no-dsa

Fri, 13 Jul 2018 12:24:01 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e3bb788e by Moritz Muehlenhoff at 2018-07-13T21:23:14+02:00
ruby-grape, bouncycastle no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -567,7 +567,8 @@ CVE-2018-1000615 (ONOS ONOS Controller version 1.13.1 and 
earlier contains a Den
 CVE-2018-1000614 (ONOS ONOS Controller version 1.13.1 and earlier contains a 
XML ...)
        NOT-FOR-US: ONOS
 CVE-2018-1000613 (Legion of the Bouncy Castle Legion of the Bouncy Castle Java 
...)
-       - bouncycastle 1.60-1
+       - bouncycastle 1.60-1 (low)
+       [stretch] - bouncycastle <no-dsa> (Minor issue)
        NOTE: 
https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574
        NOTE: 
https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc
 CVE-2018-1000611 (SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 
contains a Cross ...)
@@ -27393,6 +27394,7 @@ CVE-2018-3770
        RESERVED
 CVE-2018-3769 (ruby-grape ruby gem suffers from a cross-site scripting (XSS) 
...)
        - ruby-grape <unfixed> (bug #903086)
+       [stretch] - ruby-grape <no-dsa> (Minor issue)
        NOTE: 
https://github.com/ruby-grape/grape/commit/6876b71efc7b03f7ce1be3f075eaa4e7e6de19af
        NOTE: https://github.com/ruby-grape/grape/issues/1762
        NOTE: https://github.com/ruby-grape/grape/pull/1763



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e3bb788e26c2af66725d1ac973873683c77917b4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e3bb788e26c2af66725d1ac973873683c77917b4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to