Author: nion
Date: 2007-09-05 17:38:50 +0000 (Wed, 05 Sep 2007)
New Revision: 6517
Modified:
data/CVE/list
Log:
ruby1.9 CVE-2006-5467 fixed in 1.9.0+20070606-1
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-09-05 17:29:04 UTC (rev 6516)
+++ data/CVE/list 2007-09-05 17:38:50 UTC (rev 6517)
@@ -14635,8 +14635,9 @@
CVE-2006-5467 (The cgi.rb CGI library for Ruby 1.8 allows remote attackers to
cause a ...)
{DSA-1235-1 DSA-1234-1}
- ruby1.8 1.8.5-3 (medium; bug #398457)
- - ruby1.9 <unfixed> (medium)
+ - ruby1.9 1.9.0+20070606-1 (medium)
NOTE: ruby1.9 not to be released with etch
+ NOTE: etch and testing affected
CVE-2006-5466 (Heap-based buffer overflow in the showQueryPackage function in
librpm ...)
- rpm 4.4.1-11 (low; bug #397076)
[sarge] - rpm <no-dsa> (You need to trust the RPMs you''re
installing)