Skip to content

Commit ee6f694

Browse files
jasnowjasnow
authored
Update CVE-2017-0898.yml to remove mruby references
Removed references to mruby and related issues from the CVE advisory.
1 parent 4287b26 commit ee6f694

1 file changed

Lines changed: 1 addition & 5 deletions

File tree

rubies/ruby/CVE-2017-0898.yml

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,8 +14,6 @@ description: |
1414
the Ruby interpreter may crash.
1515
1616
All users running an affected release should upgrade immediately.
17-
18-
Also impacted mruby - issue #3722 mentioned it was fixed in 1.3.0.
1917
cvss_v2: 6.4
2018
cvss_v3: 9.1
2119
patched_versions:
@@ -26,7 +24,6 @@ related:
2624
url:
2725
- https://nvd.nist.gov/vuln/detail/CVE-2017-0898
2826
- https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898
29-
- https://github.com/mruby/mruby/issues/3722
3027
- https://hackerone.com/reports/212241
3128
- https://access.redhat.com/errata/RHSA-2017:3485
3229
- https://access.redhat.com/errata/RHSA-2018:0378
@@ -38,5 +35,4 @@ related:
3835
- https://ubuntu.com/security/notices/USN-3685-1
3936
- https://web.archive.org/web/20200227145420/https://www.securityfocus.com/bid/100862
4037
- https://github.com/advisories/GHSA-wvmx-3rv2-5jgf
41-
notes: |
42-
- Do I need to duplicate this advisory under "mruby" directory?
38+

0 commit comments

Comments
 (0)