Candidate: CVE-2015-5147
PublicDate: 2015-07-14 16:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5147
 https://github.com/vmg/redcarpet/commit/2cee777c1e5babe8a1e2683d31ea75cc4afe55fb
 http://www.openwall.com/lists/oss-security/2015/06/29/3
Description:
 Stack-based buffer overflow in the header_anchor function in the HTML
 renderer in Redcarpet before 3.3.2 allows attackers to cause a denial of
 service (crash) and possibly execute arbitrary code via unspecified
 vectors.
Ubuntu-Description:
Notes:
 seth-arnold> The report included "Affects: v3.3.0 - v3.3.1", newer than
  our packages
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_ruby-redcarpet:
upstream_ruby-redcarpet: released (3.3.2)
precise_ruby-redcarpet: DNE
trusty_ruby-redcarpet: not-affected
trusty/esm_ruby-redcarpet: DNE (trusty was not-affected)
utopic_ruby-redcarpet: not-affected
vivid_ruby-redcarpet: not-affected
devel_ruby-redcarpet: not-affected