Author: carnil
Date: 2016-03-05 06:54:32 +0000 (Sat, 05 Mar 2016)
New Revision: 40165
Modified:
data/CVE/list
Log:
ruby2.1 removed from unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-05 05:05:28 UTC (rev 40164)
+++ data/CVE/list 2016-03-05 06:54:32 UTC (rev 40165)
@@ -11708,7 +11708,7 @@
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue)
[squeeze] - ruby1.9.1 <not-affected> (DL already fixed with
CVE-2009-5147, Fiddle does not have vulnerable code)
- ruby2.0 <removed>
- - ruby2.1 <unfixed> (bug #796344)
+ - ruby2.1 <removed> (bug #796344)
[jessie] - ruby2.1 <no-dsa> (Minor issue)
- ruby2.2 2.2.4-1 (bug #796551)
NOTE:
https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/
@@ -26838,7 +26838,7 @@
- ruby1.9.1 <removed>
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue)
- ruby2.0 <removed>
- - ruby2.1 <unfixed> (bug #796344)
+ - ruby2.1 <removed> (bug #796344)
[jessie] - ruby2.1 <no-dsa> (Minor issue)
- ruby2.2 <not-affected> (Does not contain DL, cf note and
corresponding CVE-2015-7551)
NOTE:
https://github.com/ruby/ruby/commit/4600cf725a86ce31266153647ae5aa1197b1215b
@@ -48470,7 +48470,7 @@
CVE-2014-3918
RESERVED
CVE-2014-3916 (The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and
2.1 ...)
- - ruby2.1 <unfixed> (unimportant)
+ - ruby2.1 <removed> (unimportant)
- ruby2.0 <removed> (unimportant)
- ruby1.9.1 <removed> (unimportant)
- ruby1.8 <removed> (unimportant)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
