[Git][security-tracker-team/security-tracker][master] Marked CVE-2022-23520, CVE-2022-23519 and CVE-2022-23517 as no-dsa or postponed for bustser.
Ola Lundqvist (@opal)
opal at debian.org
Sat Dec 31 13:55:47 GMT 2022
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
57fcc46b by Ola Lundqvist at 2022-12-31T14:54:29+01:00
Marked CVE-2022-23520, CVE-2022-23519 and CVE-2022-23517 as no-dsa or postponed for bustser.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -74751,9 +74751,11 @@ CVE-2022-23521
RESERVED
CVE-2022-23520 (rails-html-sanitizer is responsible for sanitizing HTML fragments in R ...)
- ruby-rails-html-sanitizer <unfixed> (bug #1027153)
+ [buster] - ruby-rails-html-sanitizer <no-dsa> (Minor issue)
NOTE: https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-rrfc-7g8p-99q8
CVE-2022-23519 (rails-html-sanitizer is responsible for sanitizing HTML fragments in R ...)
- ruby-rails-html-sanitizer <unfixed> (bug #1027153)
+ [buster] - ruby-rails-html-sanitizer <postponed> (Minor issue can be fixed later)
NOTE: https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-9h9g-93gc-623h
CVE-2022-23518 (rails-html-sanitizer is responsible for sanitizing HTML fragments in R ...)
- ruby-rails-html-sanitizer <unfixed> (bug #1027153)
@@ -74761,6 +74763,7 @@ CVE-2022-23518 (rails-html-sanitizer is responsible for sanitizing HTML fragment
NOTE: https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-mcvf-2q2m-x72m
CVE-2022-23517 (rails-html-sanitizer is responsible for sanitizing HTML fragments in R ...)
- ruby-rails-html-sanitizer <unfixed> (bug #1027153)
+ [buster] - ruby-rails-html-sanitizer <no-dsa> (Minor issue)
NOTE: https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-5x79-w82f-gw8w
NOTE: https://github.com/rails/rails-html-sanitizer/commit/56c61c0cebd1e493e8ad7bca2a0191609a4a6979
CVE-2022-23516 (Loofah is a general library for manipulating and transforming HTML/XML ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57fcc46b76de022fe15f97a00c6ec7c61c971cb5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57fcc46b76de022fe15f97a00c6ec7c61c971cb5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221231/ad598597/attachment.htm>
More information about the debian-security-tracker-commits
mailing list