Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
80002221 by Moritz Muehlenhoff at 2025-02-01T22:45:23+01:00
ruby3.2 removed from sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7593,7 +7593,7 @@ CVE-2025-0328 (A vulnerability, which was classified as
critical, has been found
NOT-FOR-US: KaiYuanTong ECT Platform
CVE-2025-0306 (A vulnerability was found in Ruby. The Ruby interpreter is
vulnerable ...)
- ruby3.3 <not-affected> (All versions of Ruby 3.3 used OpenSSL 3.2
since initial upload)
- - ruby3.2 <unfixed>
+ - ruby3.2 <removed>
- ruby3.1 3.1.2-8.4
[bookworm] - ruby3.1 <ignored> (Minor issue and requires OpenSSL 3.2,
which is not in Bookworm)
- ruby2.7 <removed>
@@ -28461,7 +28461,7 @@ CVE-2024-49771 (MPXJ is an open source library to read
and write project plans f
CVE-2024-49761 (REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9
has a ReD ...)
{DLA-4018-1}
- ruby3.3 <unfixed>
- - ruby3.2 <unfixed>
+ - ruby3.2 <removed>
- ruby3.1 <unfixed>
- ruby2.7 <removed>
NOTE:
https://github.com/ruby/rexml/security/advisories/GHSA-2rxp-v6pw-ch6m
@@ -43938,7 +43938,7 @@ CVE-2024-43780 (Mattermost versions 9.9.x <= 9.9.1,
9.5.x <= 9.5.7, 9.10.0, 9.8.
CVE-2024-43398 (REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6
has a DoS ...)
{DLA-4018-1}
- ruby3.3 3.3.5-1
- - ruby3.2 <unfixed> (bug #1083191)
+ - ruby3.2 <removed> (bug #1083191)
- ruby3.1 <unfixed> (bug #1083190)
[bookworm] - ruby3.1 <no-dsa> (Minor issue)
- ruby2.7 <removed>
@@ -49451,7 +49451,7 @@ CVE-2024-41961 (Elektra is an opinionated Openstack
Dashboard for Operators and
CVE-2024-41946 (REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a
DoS vulner ...)
{DLA-4018-1}
- ruby3.3 3.3.5-1
- - ruby3.2 <unfixed> (bug #1083191)
+ - ruby3.2 <removed> (bug #1083191)
- ruby3.1 <unfixed> (bug #1083190)
[bookworm] - ruby3.1 <no-dsa> (Minor issue)
- ruby2.7 <removed>
@@ -49474,7 +49474,7 @@ CVE-2024-41144 (Mattermost versions 9.9.x <= 9.9.0,
9.5.x <= 9.5.6, 9.7.x <= 9.7
CVE-2024-41123 (REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2
has some ...)
{DLA-4018-1}
- ruby3.3 3.3.5-1
- - ruby3.2 <unfixed> (bug #1083191)
+ - ruby3.2 <removed> (bug #1083191)
- ruby3.1 <unfixed> (bug #1083190)
[bookworm] - ruby3.1 <no-dsa> (Minor issue)
- ruby2.7 <removed>
@@ -53347,7 +53347,7 @@ CVE-2024-3232 (A formula injection vulnerability exists
in Tenable Identity Expo
CVE-2024-39908 (REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1
has some ...)
{DLA-4018-1}
- ruby3.3 3.3.5-1 (bug #1076766)
- - ruby3.2 <unfixed> (bug #1076767)
+ - ruby3.2 <removed> (bug #1076767)
- ruby3.1 <unfixed> (bug #1076768)
[bookworm] - ruby3.1 <no-dsa> (Minor issue)
- ruby2.7 <removed>
@@ -72891,7 +72891,7 @@ CVE-2024-35183 (wolfictl is a command line tool for
working with Wolfi. A git au
NOT-FOR-US: wolfictl
CVE-2024-35176 (REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6
has a den ...)
{DLA-4018-1}
- - ruby3.2 <unfixed> (bug #1071627)
+ - ruby3.2 <removed> (bug #1071627)
- ruby3.1 <unfixed> (bug #1071626)
[bookworm] - ruby3.1 <no-dsa> (Minor issue)
- ruby2.7 <removed>
@@ -80549,7 +80549,7 @@ CVE-2022-48682 (In deletefiles in FDUPES before 2.2.0,
a TOCTOU race condition a
NOTE:
https://github.com/adrianlopezroche/fdupes/commit/85680897148f1ac33b55418e00334116e419717f
(v2.2.0)
CVE-2024-27282 (An issue was discovered in Ruby 3.x through 3.3.0. If
attacker-supplie ...)
{DSA-5677-1 DLA-3858-1}
- - ruby3.2 <unfixed> (bug #1069968)
+ - ruby3.2 <removed> (bug #1069968)
- ruby3.1 3.1.2-8.5 (bug #1069969)
- ruby2.7 <removed>
- ruby2.5 <removed>
@@ -91274,7 +91274,7 @@ CVE-2020-36825 (** UNSUPPORTED WHEN ASSIGNED ** **
DISPUTED ** A vulnerability h
NOT-FOR-US: cyberaz0r WebRAT
CVE-2024-27281 (An issue was discovered in RDoc 6.3.3 through 6.6.2, as
distributed in ...)
{DSA-5677-1 DLA-3858-1}
- - ruby3.2 <unfixed> (bug #1067802)
+ - ruby3.2 <removed> (bug #1067802)
- ruby3.1 <unfixed> (bug #1067803)
- ruby2.7 <removed>
- ruby2.5 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80002221faacdf45bfc69985dafca858b9f001b8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80002221faacdf45bfc69985dafca858b9f001b8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
