[Git][security-tracker-team/security-tracker][master] Add CVE-2025-61771/ruby-rack

Wed Oct 8 08:38:57 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e58d21b1 by Salvatore Bonaccorso at 2025-10-08T09:37:42+02:00
Add CVE-2025-61771/ruby-rack

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4,6 +4,12 @@ CVE-2025-61772 [Rack memory exhaustion denial of service]
 	NOTE: Fixed by: https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e (v3.2.2)
 	NOTE: Fixed by: https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd (v3.1.17)
 	NOTE: Fixed by: https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e (v2.2.19)
+CVE-2025-61771
+	- ruby-rack <unfixed>
+	NOTE: https://github.com/rack/rack/security/advisories/GHSA-w9pc-fmgc-vxvw
+	NOTE: Fixed by: https://github.com/rack/rack/commit/3beacfcd494ec5600c9022d561cfa2f556a524d1 (v3.2.2)
+	NOTE: Fixed by: https://github.com/rack/rack/commit/f224f93bb3f16e9b968493fbd7bac751e66d2fdc (v3.1.17)
+	NOTE: Fixed by: https://github.com/rack/rack/commit/c370dcd9405a6799763b70a83f06ae2d1aaa0e87 (v2.2.19)
 CVE-2025-61770
 	- ruby-rack <unfixed>
 	NOTE: Fixed by: https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e (v3.2.2)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e58d21b1d66831ee1691bb65bbf1d7043299495d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e58d21b1d66831ee1691bb65bbf1d7043299495d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251008/9da53a29/attachment-0001.htm>
