[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new ruby issue

Fri, 30 Mar 2018 02:06:47 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5c1ec75d by Moritz Muehlenhoff at 2018-03-30T11:05:12+02:00
new ruby issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15452,8 +15452,13 @@ CVE-2017-17744 (A cross-site scripting (XSS) 
vulnerability in the custom-map plu
        NOT-FOR-US: custom-map plugin for WordPress
 CVE-2017-17743 (Improper input sanitization within the restricted 
administration shell ...)
        NOT-FOR-US: UCOPIA Wireless Appliance
-CVE-2017-17742
+CVE-2017-17742 [ruby: HTTP response splitting in WEBrick]
        RESERVED
+       - ruby2.5 <unfixed>
+       - ruby2.3 <unfixed>
+       - ruby2.1 <removed>
+       - ruby1.9.1 <removed>
+       NOTE: 
https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/
 CVE-2017-17741 (The KVM implementation in the Linux kernel through 4.14.7 
allows ...)
        {DSA-4082-1 DSA-4073-1 DLA-1232-1}
        - linux 4.14.7-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c1ec75d4896a95041aced156ced1254db9da15c

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c1ec75d4896a95041aced156ced1254db9da15c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to