[Git][security-tracker-team/security-tracker][master] Add CVE-2021-21289/ruby-mechanize

Salvatore Bonaccorso carnil at debian.org
Wed Feb 3 07:22:09 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
608527fd by Salvatore Bonaccorso at 2021-02-03T08:21:41+01:00
Add CVE-2021-21289/ruby-mechanize

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12915,7 +12915,14 @@ CVE-2021-21291 (OAuth2 Proxy is an open-source reverse proxy and static file ser
 CVE-2021-21290
 	RESERVED
 CVE-2021-21289 (Mechanize is an open-source ruby library that makes automated web inte ...)
-	TODO: check
+	- ruby-mechanize <unfixed>
+	NOTE: https://github.com/sparklemotion/mechanize/security/advisories/GHSA-qrqm-fpv6-6r8g
+	NOTE: https://github.com/sparklemotion/mechanize/commit/aae0b13514a1a0caf93b1cf233733c50e679069a (v2.7.7)
+	NOTE: https://github.com/sparklemotion/mechanize/commit/2ac906b26f4a565a0af92df5fb9c8a36c2b75375 (v2.7.7)
+	NOTE: https://github.com/sparklemotion/mechanize/commit/f43a3952ab39341136656b0a8b2c8597ba1b4adc (v2.7.7)
+	NOTE: https://github.com/sparklemotion/mechanize/commit/b48b12f5db33c5a94a14dfcab8adf3e73cfa0388 (v2.7.7)
+	NOTE: https://github.com/sparklemotion/mechanize/commit/63f8779e49664d5e95fae8d42d04c8e373162b3c (v2.7.7)
+	NOTE: Test warnings fixup: https://github.com/sparklemotion/mechanize/commit/5b30aed33cbac9825e8978f8e36dd221cbd4c093 (v2.7.7)
 CVE-2021-21288
 	RESERVED
 CVE-2021-21287 (MinIO is a High Performance Object Storage released under Apache Licen ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/608527fddae5e9971d2706a79ad31c7da9a8d237

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/608527fddae5e9971d2706a79ad31c7da9a8d237
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210203/4f59f77c/attachment.html>

More information about the debian-security-tracker-commits mailing list