[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-49090/ruby-carrierwave as postponed for buster
Emilio Pozuelo Monfort (@pochu)
pochu at debian.org
Sun Jun 2 19:40:34 BST 2024
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d0e32cb8 by Emilio Pozuelo Monfort at 2024-06-02T20:39:45+02:00
Mark CVE-2023-49090/ruby-carrierwave as postponed for buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -50778,6 +50778,7 @@ CVE-2023-49091 (Cosmos provides users the ability self-host a home server by act
CVE-2023-49090 (CarrierWave is a solution for file uploads for Rails, Sinatra and othe ...)
- ruby-carrierwave <unfixed> (bug #1068150)
[bookworm] - ruby-carrierwave <no-dsa> (Minor issue)
+ [buster] - ruby-carrierwave <postponed> (Minor issue)
NOTE: https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj
NOTE: Fixed by: https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5 (v2.2.5)
NOTE: Fixed by: https://github.com/carrierwaveuploader/carrierwave/commit/863d425c76eba12c3294227b39018f6b2dccbbf3 (v3.0.5)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d0e32cb8febb0a606a08a00ed93977189bba5a2b
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d0e32cb8febb0a606a08a00ed93977189bba5a2b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240602/7c839f8e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list