[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-21831/rails via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jun 20 20:30:23 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
078d5d5e by Salvatore Bonaccorso at 2022-06-20T21:29:48+02:00
Track fixed version for CVE-2022-21831/rails via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -39591,7 +39591,7 @@ CVE-2021-44832 (Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding secur
CVE-2022-21832
RESERVED
CVE-2022-21831 (A code injection vulnerability exists in the Active Storage >= v5.2 ...)
- - rails <unfixed> (bug #1011940)
+ - rails 2:6.1.4.7+dfsg-1 (bug #1011940)
NOTE: https://github.com/advisories/GHSA-w749-p3v6-hccq
NOTE: https://github.com/rails/rails/commit/b0b5eaf477c907819ead1808d09bfaae3eb4cc54 (v6.1.4.7)
NOTE: https://github.com/rails/rails/commit/92f64fec3136baabbebac97073c5213ea055dc53 (v6.0.4.7)
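Review bot: The changed `- rails 2:6.1.4.7+dfsg-1 (bug #1011940)` line records only the fix that reached unstable, while the NOTE lines below it cite upstream fix commits for both v6.1.4.7 and v6.0.4.7. The visible entry for CVE-2022-21831 has no release-tagged lines, so it is worth confirming whether suites that ship an older rails series still need their own status line here. The version on the new line matches the v6.1.4.7 commit in the NOTE and keeps the existing bug reference, so that line is fine as written.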
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/078d5d5e9fd8a9108dc351a8b752585971b92906