[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#905304: security-tracker: DSA-4259-1 vs. tracker



Package: security-tracker
Severity: normal

Hello!

According to [DSA-4259-1], ruby2.3/2.3.3-1+deb9u3 fixes a number of
vulnerabilities, among which CVE-2017-17405, CVE-2017-17742,
CVE-2017-17790, and CVE-2018-6914.

However, the tracker pages for [CVE-2017-17405], [CVE-2017-17742],
[CVE-2017-17790], and [CVE-2018-6914] seem to disagree.

Is the tracker wrong?
Please update the tracker data, then.

Is the DSA wrong?
Please clarify (I searched in the tracker commit history on Salsa,
but I failed to find any explicit explanation about this
discrepancy...).

Thanks for your time!

[DSA-4259-1]: <https://lists.debian.org/debian-security-announce/2018/msg00188.html>
[CVE-2017-17405]: <https://security-tracker.debian.org/tracker/CVE-2017-17405>
[CVE-2017-17742]: <https://security-tracker.debian.org/tracker/CVE-2017-17742>
[CVE-2017-17790]: <https://security-tracker.debian.org/tracker/CVE-2017-17790>
[CVE-2018-6914]:  <https://security-tracker.debian.org/tracker/CVE-2018-6914>


Reply to: