[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49090/ruby-carrierwave
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Mar 31 21:46:37 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c59449d2 by Salvatore Bonaccorso at 2024-03-31T22:45:49+02:00
Add Debian bug reference for CVE-2023-49090/ruby-carrierwave
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27242,7 +27242,7 @@ CVE-2023-6070 (A server-side request forgery vulnerability in ESM prior to versi
CVE-2023-49091 (Cosmos provides users the ability self-host a home server by acting as ...)
NOT-FOR-US: Cosmos
CVE-2023-49090 (CarrierWave is a solution for file uploads for Rails, Sinatra and othe ...)
- - ruby-carrierwave <unfixed>
+ - ruby-carrierwave <unfixed> (bug #1068150)
NOTE: https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj
NOTE: Fixed by: https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5 (v2.2.5)
NOTE: Fixed by: https://github.com/carrierwaveuploader/carrierwave/commit/863d425c76eba12c3294227b39018f6b2dccbbf3 (v3.0.5)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c59449d2c9adefa392be4fdc1b4f04ec20a2daaa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c59449d2c9adefa392be4fdc1b4f04ec20a2daaa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240331/6de0c411/attachment.htm>
More information about the debian-security-tracker-commits
mailing list