[Git][security-tracker-team/security-tracker][master] Reserve DSA-5372-1 for rails

Mon Mar 13 03:00:15 GMT 2023


Aron Xu pushed to branch master at Debian Security Tracker / security-tracker


Commits:
069f696a by Aron Xu at 2023-03-13T10:59:44+08:00
Reserve DSA-5372-1 for rails

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -160805,7 +160805,6 @@ CVE-2021-22943 (A vulnerability found in UniFi Protect application V1.18.1 and e
 CVE-2021-22942 (A possible open redirect vulnerability in the Host Authorization middl ...)
 	[experimental] - rails 2:6.1.4.1+dfsg-1
 	- rails 2:6.1.4.1+dfsg-3 (bug #992586)
-	[bullseye] - rails <no-dsa> (Minor issue)
 	[buster] - rails <not-affected> (Vulnerable code not present)
 	[stretch] - rails <not-affected> (Vulnerable code not present)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/20/1


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[13 Mar 2023] DSA-5372-1 rails - security update
+	{CVE-2021-22942 CVE-2021-44528 CVE-2022-21831 CVE-2022-22577 CVE-2022-23633 CVE-2022-27777 CVE-2023-22792 CVE-2023-22794 CVE-2023-22795 CVE-2023-22796}
+	[bullseye] - rails 2:6.0.3.7+dfsg-2+deb11u1
 [09 Mar 2023] DSA-5371-1 chromium - security update
 	{CVE-2023-1213 CVE-2023-1214 CVE-2023-1215 CVE-2023-1216 CVE-2023-1217 CVE-2023-1218 CVE-2023-1219 CVE-2023-1220 CVE-2023-1221 CVE-2023-1222 CVE-2023-1223 CVE-2023-1224 CVE-2023-1225 CVE-2023-1226 CVE-2023-1227 CVE-2023-1228 CVE-2023-1229 CVE-2023-1230 CVE-2023-1231 CVE-2023-1232 CVE-2023-1233 CVE-2023-1234 CVE-2023-1235 CVE-2023-1236}
 	[bullseye] - chromium 111.0.5563.64-1~deb11u1


=====================================
data/dsa-needed.txt
=====================================
@@ -37,8 +37,6 @@ php-horde-turba
 --
 py7zr
 --
-rails (aron)
---
 ring
   might make sense to rebase to current version
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/069f696a6c6326073e6f85aa6fd93f27280c0592

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/069f696a6c6326073e6f85aa6fd93f27280c0592
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230313/d27700bc/attachment.htm>
