Author: carnil Date: 2015-08-12 17:48:07 +0000 (Wed, 12 Aug 2015) New Revision: 36021
Modified: data/CVE/list Log: Add more note for CVE-2009-5147/ruby* Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-08-12 17:21:48 UTC (rev 36020) +++ data/CVE/list 2015-08-12 17:48:07 UTC (rev 36021) @@ -10217,6 +10217,9 @@ NOTE: seem to be contained in e.g. latest 1.9.1 and 2.1. E.g. NOTE: https://sources.debian.net/src/ruby2.1/2.1.5-4/ext/dl/handle.c/#L120 does NOTE: contain the change. + NOTE: In https://github.com/ruby/ruby/commit/07308c4d30b8c5260e5366c8eed2abf054d86fe7 + NOTE: DL was replaced by Fiddle but the problem might still be present there (un- + NOTE: checked) NOTE: Discussion http://seclists.org/oss-sec/2015/q3/220 TODO: check CVE-2009-5146 [memory leak in hostname TLS extension] _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits