[Git][security-tracker-team/security-tracker][master] bugnum
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Aug 10 21:26:22 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d58ad793 by Moritz Muehlenhoff at 2022-08-10T22:25:56+02:00
bugnum
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -28062,7 +28062,7 @@ CVE-2022-27778 (A use of incorrectly resolved name vulnerability fixed in 7.83.1
NOTE: https://curl.se/docs/CVE-2022-27778.html
NOTE: Fixed by: https://github.com/curl/curl/commit/8c7ee9083d0d719d0a77ab20d9cc2ae84eeea7f3 (curl-7_83_1)
CVE-2022-27777 (A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5. ...)
- - rails <unfixed>
+ - rails <unfixed> (bug #1016982)
NOTE: https://discuss.rubyonrails.org/t/cve-2022-27777-possible-xss-vulnerability-in-action-view-tag-helpers/80534
NOTE: Fixed by: https://github.com/rails/rails/commit/123f42a573f7fcbf391885c135ca809f21615180 (v6.1.5.1)
NOTE: Regression fix: https://github.com/rails/rails/commit/7c2da9e51c5c02643f30d83aaad3ed5062adcad8 (6.1.6)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d58ad793f77106a25a023b6e8ef457fdf8f0bc68
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d58ad793f77106a25a023b6e8ef457fdf8f0bc68
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220810/63fa6fad/attachment.htm>
More information about the debian-security-tracker-commits
mailing list