[Git][security-tracker-team/security-tracker][master] Update NOTES for ruby-kaminari.
Markus Koschany (@apo)
apo at debian.org
Mon Jul 19 17:00:07 BST 2021
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0a0a199d by Markus Koschany at 2021-07-19T17:58:33+02:00
Update NOTES for ruby-kaminari.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -104,6 +104,9 @@ ruby-kaminari
NOTE: 20200928: It should prepend_features from Kaminari::Helpers::Tag. (utkarsh)
NOTE: 20201009: This (↑) is an app-level patch for a rails app. A library-level patch
NOTE: 20201009: will needed to be written. Opened an issue at upstream, though somewhat inactive. (utkarsh)
+ NOTE: 20210719: https://people.debian.org/~apo/lts/ruby-kaminari/CVE-2020-11082.patch
+ NOTE: 20210719: I believe the fix is just adding and extending the blacklist for ruby-kaminari.
+ NOTE: 20210719: Will discuss this with Utkarsh (maintainer) shortly.
--
runc (Anton Gladky)
NOTE: 20210612: Not sure if applies to this version. (lamby)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a0a199d55f485e997c38c9131c8a7fa7fd3beaf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a0a199d55f485e997c38c9131c8a7fa7fd3beaf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210719/3b73f815/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list