Author: alteholz Date: 2015-05-30 18:17:52 +0000 (Sat, 30 May 2015) New Revision: 34599
Modified: data/CVE/list Log: added notes to other open ruby CVEs in squeeze Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-05-30 18:12:00 UTC (rev 34598) +++ data/CVE/list 2015-05-30 18:17:52 UTC (rev 34599) @@ -62304,7 +62304,7 @@ - linux <not-affected> (Vulnerable code introduced in 3.3) CVE-2012-4466 (Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 ...) - ruby1.9.1 1.9.3.194-2 (low; bug #689075) - [squeeze] - ruby1.9.1 <no-dsa> (Minor issue) + [squeeze] - ruby1.9.1 <not-affected> (Minor issue, please recheck) CVE-2012-4465 (Heap-based buffer overflow in the substr function in parsing.c in cgit ...) - cgit <not-affected> (Fixed before the initial upload into the archive) CVE-2012-4464 (Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows ...) @@ -78059,7 +78059,7 @@ - ruby1.9 <removed> (low; bug #646020) [lenny] - ruby1.9 <no-dsa> (Minor issue) - ruby1.9.1 <removed> (low; bug #646020) - [squeeze] - ruby1.9.1 <no-dsa> (Minor issue) + [squeeze] - ruby1.9.1 <no-dsa> (Minor issue, there seems to be no patch upstream) [wheezy] - ruby1.9.1 <no-dsa> (Minor issue) CVE-2011-3623 (Multiple stack-based buffer overflows in VideoLAN VLC media player ...) - vlc 1.1.3-1 @@ -85880,7 +85880,7 @@ [squeeze] - ruby1.8 <no-dsa> (Minor issue) - ruby1.9 <removed> (bug #615519) [lenny] - ruby1.9 <no-dsa> (Minor issue) - [squeeze] - ruby1.9 <no-dsa> (Minor issue) + [squeeze] - ruby1.9 <no-dsa> (Minor issue, patch would change behaviour and might break things) - ruby1.9.1 1.9.2.180-1 (bug #615519) CVE-2011-1003 (Double free vulnerability in the vba_read_project_strings function in ...) - clamav 0.97+dfsg-1 (low) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits