[Git][security-tracker-team/security-tracker][master] ruby-apollo-upload-server fixed in sid

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
179a58b4 by Moritz Muehlenhoff at 2022-07-12T15:08:50+02:00
ruby-apollo-upload-server fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -60851,8 +60851,10 @@ CVE-2021-39881 (In all versions of GitLab CE/EE since version 7.7, the applicati
 	- gitlab <unfixed>
 CVE-2021-39880 (A Denial Of Service vulnerability in the apollo_upload_server Ruby gem ...)
 	- gitlab <unfixed>
-	- ruby-apollo-upload-server <unfixed>
-	TODO: reach out for details for ruby-apollo-upload-server
+	- ruby-apollo-upload-server 2.1.0-1
+	[bullseye] - ruby-apollo-upload-server <no-dsa> (Minor issue)
+	NOTE: https://gitlab.com/gitlab-org/gitlab/-/issues/330561
+	NOTE: https://github.com/jetruby/apollo_upload_server-ruby/commit/b0582c1a3e458eee3c994fb38278bd0221f20486
 CVE-2021-39879 (Missing authentication in all versions of GitLab CE/EE since version 7 ...)
 	- gitlab <unfixed>
 CVE-2021-39878 (A stored Reflected Cross-Site Scripting vulnerability in the Jira inte ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/179a58b4036e20e970142a19885ae35aa6f274be

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/179a58b4036e20e970142a19885ae35aa6f274be
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220712/b696314b/attachment.htm>