Postmodern

Results 523 comments of Postmodern

Closing this as the scope of [ruby-advisory-db](https://github.com/rubysec/ruby-advisory-db) is security advisories for vulnerabilities.

Confirmed CVE-2013-2065 is discussing the `DL::Function#call` tainting issue.

Updated the README in 183a5806ea381630329c87ec76361089dd9d52ac.

@jasnow has added the `related:` CVE and GHSA IDs to the two vulnerabilities (PR #646). We should avoid merging CVEs as they are supposed to be individually enumerated vulnerabilities.

@jasnow I believe this would be a Ruby library for interacting with the `ruby-advisory-db`, so that other tools could interface with it in the same way that `bundler-audit` does.

Maybe it could have a rudimentary CLI that could update the DB or query a specific advisory or `gem-version`.

We could create a static JSON feed for the website as yet-another-way to get the advisory data. Might be worth creating a separate issue in the [website repo](https://github.com/rubysec/rubysec.github.io/issues).

I noticed this PR was approved, but still think it's out of scope of tracking security advisories. The amount of data to track whether a gem is currently maintained is...