author Salvatore Bonaccorso <carnil@debian.org> 2020-10-19 06:47:18 +0200
committer Salvatore Bonaccorso <carnil@debian.org> 2020-10-19 06:47:18 +0200
commit 0aceb777381db1b9f19904f7e569ea001aa80e62 (patch)
tree cfc0e6c98f927b258e812942a077ea2ca5f2a44c /data/CVE/list.2013
parent e41e86fc60756705b9754a8bc60ad94128f2bb81 (diff)
src:rubygems has been re-introduced into the archive
The initial upload states: - Upstream bundler source code is now hosted in the same git repository as rubygems, due to that this new source package is introduced and it will provide the binaries previously provided by src:bundler (ruby-bundler and bundler). src:bundler will be removed after src:rubygems is accepted. We need to recheck if any of these previously unfixed issues are still unfixed or now addressed with this initial first re-upload.
Diffstat (limited to 'data/CVE/list.2013')
-rw-r--r-- data/CVE/list.2013 4
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/list.2013 b/data/CVE/list.2013
index 0cf7e4e4ee..af225c318c 100644
--- a/data/CVE/list.2013
+++ b/data/CVE/list.2013
@@ -8192,7 +8192,7 @@ CVE-2013-4365 (Heap-based buffer overflow in the fcgid_header_bucket_read functi
CVE-2013-4364 ((1) oo-analytics-export and (2) oo-analytics-import in the openshift-o ...)
NOT-FOR-US: OpenShift
CVE-2013-4363 (Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION ...)
- - rubygems <removed> (unimportant; bug #722361)
+ - rubygems <unfixed> (unimportant; bug #722361)
- libgems-ruby <removed> (unimportant; bug #722361)
NOTE: Non-issue, you trust the site providing the gem with installing arbitrary code, allowing
NOTE: it a potential elevated CPU consumption doesn't add any extra harm
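Review bot: the `+ - rubygems <unfixed>` line for CVE-2013-4363 records a status that the commit message itself says still has to be rechecked, and nothing in the entry says so. Suggest adding a TODO or NOTE line under the entry stating that the status of the re-introduced src:rubygems is pending verification, so the open question stays visible in the tracker file rather than only in the commit log. The unchanged `libgems-ruby <removed>` line and the "unimportant" severity remain consistent with the existing NOTE lines.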
@@ -8482,7 +8482,7 @@ CVE-2013-4288 (Race condition in PolicyKit (aka polkit) allows local users to by
[squeeze] - policykit-1 <no-dsa> (The update only deprecates an API and introduces a new option for pkcheck, no src package uses this API)
[wheezy] - policykit-1 <no-dsa> (The update only deprecates an API and introduces a new option for pkcheck, no src package uses this API)
CVE-2013-4287 (Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN ...)
- - rubygems <removed> (unimportant; bug #722361)
+ - rubygems <unfixed> (unimportant; bug #722361)
- libgems-ruby <removed> (unimportant; bug #722361)
NOTE: Non-issue, you trust the site providing the gem with installing arbitrary code, allowing
NOTE: it a potential elevated CPU consumption doesn't add any extra harm
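Review bot: the `<unfixed>` marker on the rubygems line for CVE-2013-4287 is paired with `unimportant`, so nothing in the entry will prompt anyone to revisit it once this commit is no longer recent. Because this entry and CVE-2013-4363 share bug #722361 and the same NOTE text, suggest rechecking both against the re-uploaded source in one pass and replacing `<unfixed>` with the fixed version if the upload already addresses the issue.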
