[Secure-testing-commits] r12165 - data/CVE

Michael Gilbert Fri, 19 Jun 2009 09:55:00 -0700

Author: gilbert-guest
Date: 2009-06-19 16:54:42 +0000 (Fri, 19 Jun 2009)
New Revision: 12165


Modified:
   data/CVE/list
Log:
CVE-2009-1904 is low-urgency (local dos in ruby)


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-06-19 11:17:59 UTC (rev 12164)
+++ data/CVE/list       2009-06-19 16:54:42 UTC (rev 12165)
@@ -471,7 +471,7 @@
 CVE-2009-1905 (The Common Code Infrastructure component in IBM DB2 8 before 
FP17, 9.1 ...)
        NOT-FOR-US: IBM DB2
 CVE-2009-1904 (The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 
before p173 ...)
-       - ruby1.8 1.8.7.173-1 (bug #532689)
+       - ruby1.8 1.8.7.173-1 (low; bug #532689)
        - ruby1.9 <not-affected>
        NOTE: 
http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/
 CVE-2009-1903 (The PDF XSS protection feature in ModSecurity before 2.5.8 
allows ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r12165 - data/CVE

Reply via email to