Commits on Source (2)
CVE-2016-7954: Remove "yet" from the wording · 18636a65
Salvatore Bonaccorso authored Feb 08, 2020
Add fixed version via unstable for CVE-2016-7954/bundler · a036cb5e
Salvatore Bonaccorso authored Feb 08, 2020
data/CVE/list
@@ -187650,13 +187650,13 @@ CVE-2016-7956
CVE-2016-7955 (The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, ...)
NOT-FOR-US: AlienVault OSSIM
CVE-2016-7954 (Bundler 1.x might allow remote attackers to inject arbitrary Ruby code ...)
- bundler
<unfixed>
(bug #842504)
- bundler
2.1.4-1
(bug #842504)
[buster] - bundler <ignored> (Minor issue, too intrusive to backport)
[stretch] - bundler <ignored> (Minor issue, too intrusive to backport)
[jessie] - bundler <ignored> (Minor issue, too intrusive to backport)
[wheezy] - bundler <no-dsa> (Minor issue, too intrusive to backport)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/04/5
NOTE: There is no plan
(yet)
from upstream to address this for bundler 1.x
NOTE: There is no plan from upstream to address this for bundler 1.x
NOTE: due to lockfile format.
CVE-2016-7953 (Buffer underflow in X.org libXvMC before 1.0.10 allows remote X server ...)
{DLA-671-1}
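Review bot: The changed bundler line under CVE-2016-7954 now records 2.1.4-1 as the fixed version, but the NOTE lines kept below it say only that upstream has no plan to address this for bundler 1.x due to lockfile format, so the entry never states why 2.1.4-1 counts as fixed. Suggest adding a NOTE giving the basis (for example, if that is the reasoning, that the description limits the issue to Bundler 1.x and the unstable upload is a 2.x version), so the fixed version reads consistently next to the <ignored> and <no-dsa> lines for buster, stretch, jessie and wheezy.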