[Git][security-tracker-team/security-tracker][master] Claim ruby-loofah in dla-needed.txt

Daniel Leidert (@dleidert) dleidert at debian.org
Thu Feb 16 13:45:19 GMT 2023 


Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker


Commits:
52840127 by Daniel Leidert at 2023-02-16T14:41:23+01:00
Claim ruby-loofah in dla-needed.txt

... and add patch links for CVEs.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -85409,13 +85409,16 @@ CVE-2022-23516 (Loofah is a general library for manipulating and transforming HT
 	- ruby-loofah 2.19.1-1 (bug #1026083)
 	[buster] - ruby-loofah <no-dsa> (Minor issue)
 	NOTE: https://github.com/flavorjones/loofah/security/advisories/GHSA-3x8r-x6xp-q4vm
+	NOTE: https://github.com/flavorjones/loofah/commit/86f7f6364491b0099d215db858ecdc0c89ded040
 CVE-2022-23515 (Loofah is a general library for manipulating and transforming HTML/XML ...)
 	- ruby-loofah 2.19.1-1 (bug #1026083)
 	NOTE: https://github.com/flavorjones/loofah/security/advisories/GHSA-228g-948r-83gx
+	NOTE: https://github.com/flavorjones/loofah/commit/415677f3cf7f9254f42f811e784985cd63c7407f
 CVE-2022-23514 (Loofah is a general library for manipulating and transforming HTML/XML ...)
 	- ruby-loofah 2.19.1-1 (bug #1026083)
 	[buster] - ruby-loofah <no-dsa> (Minor issue)
 	NOTE: https://github.com/flavorjones/loofah/security/advisories/GHSA-486f-hjj9-9vhh
+	NOTE: https://github.com/flavorjones/loofah/commit/a6e0a1ab90675a17b1b2be189129d94139e4b143
 CVE-2022-23513 (Pi-Hole is a network-wide ad blocking via your own Linux hardware, Adm ...)
 	NOT-FOR-US: Pi-Hole
 CVE-2022-23512 (MeterSphere is a one-stop open source continuous testing platform. Ver ...)


=====================================
data/dla-needed.txt
=====================================
@@ -260,7 +260,7 @@ ring
   NOTE: 20221120: Programming language: C.
   NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/ring.git
 --
-ruby-loofah
+ruby-loofah (Daniel Leidert)
   NOTE: 20221231: Programming language: Ruby.
   NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/ruby-loofah.git
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52840127a570f08ac6bc913da56f814701202c57

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52840127a570f08ac6bc913da56f814701202c57
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230216/6fe44500/attachment.htm>

More information about the debian-security-tracker-commits mailing list