Author: gilbert-guest Date: 2009-06-19 16:54:42 +0000 (Fri, 19 Jun 2009) New Revision: 12165 Modified: data/CVE/list Log: CVE-2009-1904 is low-urgency (local dos in ruby) Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-06-19 11:17:59 UTC (rev 12164) +++ data/CVE/list 2009-06-19 16:54:42 UTC (rev 12165) @@ -471,7 +471,7 @@ CVE-2009-1905 (The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 ...) NOT-FOR-US: IBM DB2 CVE-2009-1904 (The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 ...) - - ruby1.8 1.8.7.173-1 (bug #532689) + - ruby1.8 1.8.7.173-1 (low; bug #532689) - ruby1.9 <not-affected> NOTE: http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/ CVE-2009-1903 (The PDF XSS protection feature in ModSecurity before 2.5.8 allows ...)