[Git][security-tracker-team/security-tracker][master] Update information for dos vulernabiltiies in ruby-rack

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6edbbb6d by Salvatore Bonaccorso at 2025-10-08T09:34:07+02:00
Update information for dos vulernabiltiies in ruby-rack

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,6 +1,14 @@
 CVE-2025-61772 [Rack memory exhaustion denial of service]
 	- ruby-rack <unfixed>
-	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2402200
+	NOTE: https://github.com/rack/rack/security/advisories/GHSA-wpv5-97wm-hp9c
+	NOTE: Fixed by: https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e (v3.2.2)
+	NOTE: Fixed by: https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd (v3.1.17)
+	NOTE: Fixed by: https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e (v2.2.19)
+CVE-2025-61770
+	- ruby-rack <unfixed>
+	NOTE: Fixed by: https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e (v3.2.2)
+	NOTE: Fixed by: https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd (v3.1.17)
+	NOTE: Fixed by: https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e (v2.2.19)
 CVE-2025-6242
 	- vllm <itp> (bug #1095237)
 CVE-2025-59425



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6edbbb6dcd67053465ad384f19a1aae408434189

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6edbbb6dcd67053465ad384f19a1aae408434189
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251008/ccdab470/attachment.htm>