Bug 16255

Summary: ruby-redcarpet new security issue CVE-2015-5147
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Pascal Terjan <pterjan>
Status: RESOLVED INVALID QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: mageia
Version: 4   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard:
Source RPM: ruby-redcarpet-3.0.0-1.1.mga4.src.rpm CVE:
Status comment:

Description David Walser 2015-06-30 18:54:21 CEST 
A CVE has been assigned for a security issue fixed in redcarpet 3.3.2:
http://openwall.com/lists/oss-security/2015/06/30/10

The commit to fix it is linked in the message above.

Reproducible: 

Steps to Reproduce:
David Walser 2015-06-30 18:54:28 CEST

CC: (none) => mageia

Comment 1 David Walser 2015-09-02 18:44:45 CEST 
Affected code appears to not be present in 3.0.0.  Closing as INVALID.

Status: NEW => RESOLVED
Resolution: (none) => INVALID