[Git][security-tracker-team/security-tracker][master] CVE-2024-43398/ruby

Bastien Roucariès (@rouca) rouca at debian.org
Sun Jan 5 20:57:44 GMT 2025



Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c7457610 by Bastien Roucariès at 2025-01-05T20:57:09+00:00
CVE-2024-43398/ruby

Add commit fixing

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34748,6 +34748,7 @@ CVE-2024-43398 (REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has
 	- ruby2.7 <removed>
 	[bullseye] - ruby2.7 <postponed> (Minor issue, DoS)
 	NOTE: https://github.com/ruby/rexml/security/advisories/GHSA-vmwr-mc7x-5vc3
+	NOTE: https://github.com/ruby/rexml/commit/7cb5eaeb221c322b9912f724183294d8ce96bae3 (v3.3.6)
 CVE-2024-43331 (Missing Authorization vulnerability in VeronaLabs WP SMS.This issue af ...)
 	NOT-FOR-US: VeronaLabs WP SMS
 CVE-2024-42776 (Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Acce ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c745761021c212c99768967e2ef5f9a5598c053e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c745761021c212c99768967e2ef5f9a5598c053e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250105/ecbd8659/attachment.htm>


More information about the debian-security-tracker-commits mailing list