Author: carnil Date: 2017-11-08 05:34:08 +0000 (Wed, 08 Nov 2017) New Revision: 57430
Modified: data/CVE/list Log: Mark ruby-yajl as no-dsa for stretch and jessie Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-08 05:32:08 UTC (rev 57429) +++ data/CVE/list 2017-11-08 05:34:08 UTC (rev 57430) @@ -286,7 +286,9 @@ CVE-2017-16517 RESERVED CVE-2017-16516 (In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is ...) - - ruby-yajl <unfixed> (bug #880691) + - ruby-yajl <unfixed> (low; bug #880691) + [stretch] - ruby-yajl <no-dsa> (Minor issue) + [jessie] - ruby-yajl <no-dsa> (Minor issue) NOTE: https://github.com/brianmario/yajl-ruby/issues/176 NOTE: https://github.com/brianmario/yajl-ruby/commit/0dc68aa50eaf50f323e18e705963d90221d93a24 CVE-2017-16515 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits