Author: jmm Date: 2011-03-01 08:48:47 +0000 (Tue, 01 Mar 2011) New Revision: 16272 Modified: data/CVE/list data/ospu-candidates.txt data/spu-candidates.txt Log: ruby fixed/not-affected/no-dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-03-01 08:38:36 UTC (rev 16271) +++ data/CVE/list 2011-03-01 08:48:47 UTC (rev 16272) @@ -280,16 +280,20 @@ RESERVED CVE-2011-1005 [Ruby Exception methods can bypass $SAFE] RESERVED - - ruby1.8 1.8.7.334-1 - - ruby1.9 <removed> - - ruby1.9.1 <unfixed> - TODO: check + - ruby1.8 1.8.7.334-1 (bug #615517) + [lenny] - ruby1.8 <no-dsa> (Minor issue) + [squeeze] - ruby1.8 <no-dsa> (Minor issue) + - ruby1.9 <not-affected> + - ruby1.9.1 <not-affected> CVE-2011-1004 [Ruby FileUtils.remove_entry_secure symlink attack] RESERVED - - ruby1.8 1.8.7.334-1 - - ruby1.9 <removed> - - ruby1.9.1 <unfixed> - TODO: check + - ruby1.8 1.8.7.334-1 (bug #615518) + [lenny] - ruby1.8 <no-dsa> (Minor issue) + [squeeze] - ruby1.8 <no-dsa> (Minor issue) + - ruby1.9 <removed> (bug #615519) + [lenny] - ruby1.9 <no-dsa> (Minor issue) + [squeeze] - ruby1.9 <no-dsa> (Minor issue) + - ruby1.9.1 1.9.2.180-1 (bug #615519) CVE-2011-1003 (Double free vulnerability in the vba_read_project_strings function in ...) - clamav 0.97+dfsg-1 [lenny] - clamav <end-of-life> Modified: data/ospu-candidates.txt ==================================================================--- data/ospu-candidates.txt 2011-03-01 08:38:36 UTC (rev 16271) +++ data/ospu-candidates.txt 2011-03-01 08:48:47 UTC (rev 16272) @@ -504,11 +504,13 @@ -- -ruby1.8 (CVE-2010-0541) +ruby1.8 (CVE-2010-0541, CVE-2011-1004, CVE-2011-1005) +#615517, #615518 -- -ruby1.9 (CVE-2010-0541) +ruby1.9 (CVE-2010-0541, CVE-2011-1004) +#615519 -- Modified: data/spu-candidates.txt ==================================================================--- data/spu-candidates.txt 2011-03-01 08:38:36 UTC (rev 16271) +++ data/spu-candidates.txt 2011-03-01 08:48:47 UTC (rev 16272) @@ -69,6 +69,16 @@ -- +ruby1.8 (CVE-2011-1004, CVE-2011-1005) +#615517, #615518 + +-- + +ruby1.9 (CVE-2011-10045B) +#615519 + +-- + stunnel (CVE-2011-XXXX) http://www.stunnel.org/?page=sdf_ChangeLog (v4.35)