diff options
author | Chris Lamb <lamby@debian.org> | 2020-07-11 18:06:12 +0100 |
---|---|---|
committer | Chris Lamb <lamby@debian.org> | 2020-07-11 18:07:14 +0100 |
commit | 2f9042915f6d467024e3956818676290ec4ea516 (patch) | |
tree | 29d54fcf59222e04f780a3c009379cae70f1132a /data | |
parent | a098b73660cedbb7ce7eba54492ac95a86ba5714 (diff) |
Revert "Triage CVE-2019-8325, CVE-2019-8324, CVE-2019-8323 etc. in jruby for stretch LTS."
This reverts commit 29979a390f7915a46b9c7f18b6ff7576f3828039.
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 9 |
1 files changed, 0 insertions, 9 deletions
diff --git a/data/CVE/list b/data/CVE/list index ddd65276a9..2c4453857e 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -49078,7 +49078,6 @@ CVE-2019-16255 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 - ruby2.3 <removed> - ruby2.1 <removed> - jruby <unfixed> - [stretch] - jruby <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00148.html) NOTE: https://www.ruby-lang.org/en/news/2019/10/01/code-injection-shell-test-cve-2019-16255/ NOTE: ruby2.5: https://github.com/ruby/ruby/commit/3af01ae1101e0b8815ae5a106be64b0e82a58640 CVE-2019-16254 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allow ...) @@ -49087,7 +49086,6 @@ CVE-2019-16254 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 - ruby2.3 <removed> - ruby2.1 <removed> - jruby <unfixed> - [stretch] - jruby <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00148.html) NOTE: https://github.com/ruby/ruby/commit/3ce238b5f9795581eb84114dcfbdf4aa086bfecc NOTE: https://hackerone.com/reports/331984 NOTE: https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/ @@ -49279,7 +49277,6 @@ CVE-2019-16201 (WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x throu - ruby2.3 <removed> - ruby2.1 <removed> - jruby <unfixed> - [stretch] - jruby <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00148.html) NOTE: https://github.com/ruby/ruby/commit/36e057e26ef2104bc2349799d6c52d22bb1c7d03 NOTE: https://hackerone.com/reports/661722 NOTE: https://www.ruby-lang.org/en/news/2019/10/01/webrick-regexp-digestauth-dos-cve-2019-16201/ @@ -74706,7 +74703,6 @@ CVE-2019-8325 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. - ruby2.1 <removed> - rubygems <removed> - jruby 9.1.17.0-3 (bug #925987) - [stretch] - jruby <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00148.html) NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/ NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b @@ -74717,7 +74713,6 @@ CVE-2019-8324 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. - ruby2.1 <removed> - rubygems <removed> - jruby 9.1.17.0-3 (bug #925987) - [stretch] - jruby <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00148.html) NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/ NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b @@ -74728,7 +74723,6 @@ CVE-2019-8323 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. - ruby2.1 <removed> - rubygems <removed> - jruby 9.1.17.0-3 (bug #925987) - [stretch] - jruby <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00148.html) NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/ NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b @@ -74739,7 +74733,6 @@ CVE-2019-8322 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. - ruby2.1 <removed> - rubygems <removed> - jruby 9.1.17.0-3 (bug #925987) - [stretch] - jruby <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00148.html) NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/ NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b @@ -74751,7 +74744,6 @@ CVE-2019-8321 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. [jessie] - ruby2.1 <not-affected> (Vulnerable code introduced later) - rubygems <removed> - jruby 9.1.17.0-3 (bug #925987) - [stretch] - jruby <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00148.html) NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/ NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b @@ -74762,7 +74754,6 @@ CVE-2019-8320 (A Directory Traversal issue was discovered in RubyGems 2.7.6 and - ruby2.1 <removed> - rubygems <removed> - jruby 9.1.17.0-3 (bug #925987) - [stretch] - jruby <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00148.html) [jessie] - jruby <not-affected> (Vulnerable code introduced later) NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/ NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html |