[Git][security-tracker-team/security-tracker][master] new nokogiri issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f9e834e7 by Moritz Muehlenhoff at 2022-12-15T12:24:01+01:00
new nokogiri issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -70846,7 +70846,12 @@ CVE-2022-23477 (xrdp is an open source project which provides a graphical login
 	- xrdp <unfixed> (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-hqw2-jx2c-wrr2
 CVE-2022-23476 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
-	TODO: check
+	- ruby-nokogiri <unfixed>
+	[bullseye] - ruby-nokogiri <not-affected> (Introduced in 1.13.8)
+	[buster] - ruby-nokogiri <not-affected> (Introduced in 1.13.8)
+	NOTE: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-qv4q-mr5r-qprj
+	NOTE: https://github.com/sparklemotion/nokogiri/commit/85410e38410f670cbbc8c5b00d07b843caee88ce
+	NOTE: https://github.com/sparklemotion/nokogiri/commit/9fe0761c47c0d4270d1a5220cfd25de080350d50
 CVE-2022-23475 (daloRADIUS is an open source RADIUS web management application. daloRa ...)
 	TODO: check
 CVE-2022-23474 (Editor.js is a block-style editor with clean JSON output. Versions pri ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f9e834e727f25d2d4c2e30905d4d2efec10f4dad

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f9e834e727f25d2d4c2e30905d4d2efec10f4dad
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221215/e6e25e70/attachment.htm>