[Git][security-tracker-team/security-tracker][master] Reserve DLA-2096-1 for ruby-rack-cors

Thu Feb 6 06:41:15 GMT 2020


Brian May pushed to branch master at Debian Security Tracker / security-tracker


Commits:
851f6b40 by Brian May at 2020-02-06T17:41:07+11:00
Reserve DLA-2096-1 for ruby-rack-cors

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[06 Feb 2020] DLA-2096-1 ruby-rack-cors - security update
+	{CVE-2019-18978}
+	[jessie] - ruby-rack-cors 0.2.9-1+deb8u1
 [05 Feb 2020] DLA-2095-1 storebackup - security update
 	{CVE-2020-7040}
 	[jessie] - storebackup 3.2.1-1+deb8u1


=====================================
data/dla-needed.txt
=====================================
@@ -95,8 +95,6 @@ ruby-rack
   NOTE: 20191219: The security update causes a regression and also, there's a
   NOTE: slight possibility of this patch inducing a backdoor on its own. (utkarsh2102)
 --
-ruby-rack-cors (Brian May)
---
 salt (Mike Gabriel)
   NOTE: 20200118: about CVE-2019-17361... Compared to the upstream fix, there is a
   NOTE: 20200118: very similar code passage in salt/jessie's salt/client/api.py file.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/851f6b40600dcea5b635d6d83cad8500d77909fa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/851f6b40600dcea5b635d6d83cad8500d77909fa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200206/56cb4ec4/attachment-0001.html>
