[Git][security-tracker-team/security-tracker][master] new ruby-tzinfo issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sat Jul 23 22:06:15 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
58e92def by Moritz Muehlenhoff at 2022-07-23T23:04:58+02:00
new ruby-tzinfo issue
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -13640,7 +13640,9 @@ CVE-2022-31165
CVE-2022-31164 (Tovy is a a staff management system for Roblox groups. A vulnerability ...)
NOT-FOR-US: Tovy
CVE-2022-31163 (TZInfo is a Ruby library that provides access to time zone data and al ...)
- TODO: check
+ - ruby-tzinfo 2.0.4-2
+ NOTE: https://github.com/tzinfo/tzinfo/security/advisories/GHSA-5cm2-9h8c-rvfx
+ NOTE: https://github.com/tzinfo/tzinfo/commit/b98c32efd61289fe6f00a50ab8061e95962ea983
CVE-2022-31162 (Slack Morphism is an async client library for Rust. Prior to 0.41.0, i ...)
NOT-FOR-US: Slack Morphism
CVE-2022-31161 (Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -61,6 +61,8 @@ rpki-client/stable
--
ruby-rack
--
+ruby-tzinfo
+--
salt
--
slurm-llnl/oldstable
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58e92defcfe10537191704a30aff8c64d9a3b1bf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58e92defcfe10537191704a30aff8c64d9a3b1bf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220723/4c804fba/attachment.htm>
More information about the debian-security-tracker-commits
mailing list