[Secure-testing-team] Bug#686867: jruby: CVE-2011-4838
Moritz Muehlenhoff
jmm at inutil.org
Thu Sep 6 20:03:58 UTC 2012
Package: jruby
Severity: grave
Tags: security
Justification: user security hole
Hi,
jruby in Wheezy is still affected by http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4838
http://www.nruns.com/_downloads/advisory28122011.pdf
Since Wheezy already has 1.6.5, updating to 1.6.5.1 seems like a good idea?
Cheers,
Moritz
More information about the Secure-testing-team
mailing list