[Git][security-tracker-team/security-tracker][master] 2 commits: Take ruby2.3 & jruby as both are affected by same CVE
Utkarsh Gupta
utkarsh at debian.org
Thu Oct 1 13:27:00 BST 2020
Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker
Commits:
beb8e0ca by Utkarsh Gupta at 2020-10-01T17:54:30+05:30
Take ruby2.3 & jruby as both are affected by same CVE
- - - - -
11511ce5 by Utkarsh Gupta at 2020-10-01T17:55:41+05:30
Triage qtsvg-opensource-src for stretch
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -83,6 +83,8 @@ golang-golang-x-net-dev
--
guacamole-client
--
+jruby (Utkarsh)
+--
jupyter-notebook
NOTE: 20200711: Vulnerable to (at least) CVE-2018-19351. (lamby)
--
@@ -123,11 +125,15 @@ puma
--
python3.5 (Thorsten Alteholz)
--
+qtsvg-opensource-src
+--
rails (Markus Koschany)
--
reel
NOTE: 20200909: it is now unmaintained. last commit was in Aug 2018. (utkarsh)
--
+ruby2.3 (Utkarsh)
+--
ruby-actionpack-page-caching
NOTE: 20200819: Upstream's patch on does not apply due to subsequent
NOTE: 20200819: refactoring. However, a quick look at the private
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d3b6b120b352372ee4ad24e98595e04a6711e14a...11511ce56c4031987ac4e1a2f44e224b3da713d9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d3b6b120b352372ee4ad24e98595e04a6711e14a...11511ce56c4031987ac4e1a2f44e224b3da713d9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201001/6516de8d/attachment.html>
More information about the debian-security-tracker-commits
mailing list