[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rails issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 27 13:05:29 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af049a3c by Salvatore Bonaccorso at 2026-03-27T14:05:09+01:00
Add Debian bug reference for rails issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2949,49 +2949,49 @@ CVE-2026-33241 (Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's
 CVE-2026-33211 (Tekton Pipelines project provides k8s-style resources for declaring CI ...)
 	NOT-FOR-US: Tekton Pipelines project
 CVE-2026-33202 (Active Storage allows users to attach cloud and local files in Rails a ...)
-	- rails <unfixed>
+	- rails <unfixed> (bug #1132035)
 	NOTE: https://github.com/rails/rails/security/advisories/GHSA-73f9-jhhh-hr5m
 	NOTE: Fixed by: https://github.com/rails/rails/commit/8c9676b803820110548cdb7523800db43bc6874c (v8.1.2.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/955284d26e469a9c026a4eee5b21f0414ab0bccf (v8.0.4.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/fa19073546360856e9f4dab221fc2c5d73a45e82 (v7.2.3.1)
 CVE-2026-33195 (Active Storage allows users to attach cloud and local files in Rails a ...)
-	- rails <unfixed>
+	- rails <unfixed> (bug #1132035)
 	NOTE: https://github.com/rails/rails/security/advisories/GHSA-9xrj-h377-fr87
 	NOTE: Fixed by: https://github.com/rails/rails/commit/9b06fbc0f504b8afe333f33d19548f3b85fbe655 (v8.1.2.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/a290c8a1ec189d793aa6d7f2570b6a763f675348 (v8.0.4.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/4933c1e3b8c1bb04925d60347be9f69270392f2c (v7.2.3.1)
 CVE-2026-33176 (Active Support is a toolkit of support libraries and Ruby core extensi ...)
-	- rails <unfixed>
+	- rails <unfixed> (bug #1132035)
 	NOTE: https://github.com/rails/rails/security/advisories/GHSA-2j26-frm8-cmj9
 	NOTE: Fixed by: https://github.com/rails/rails/commit/19dbab51ca086a657bb86458042bc44314916bcb (v8.1.2.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856 (v8.0.4.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a (v7.2.3.1)
 CVE-2026-33174 (Active Storage allows users to attach cloud and local files in Rails a ...)
-	- rails <unfixed>
+	- rails <unfixed> (bug #1132035)
 	NOTE: https://github.com/rails/rails/security/advisories/GHSA-r46p-8f7g-vvvg
 	NOTE: Fixed by: https://github.com/rails/rails/commit/42012eaaa88dfc7d0030161b2bc8074a7bbce92a (v8.1.2.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/2cd933c366b777f873d4d590127da2f4a25e4ba5 (v8.0.4.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/8159a9c3de3f27a2bcf2866b8bf9ceb9075e229b (v7.2.3.1)
 CVE-2026-33173 (Active Storage allows users to attach cloud and local files in Rails a ...)
-	- rails <unfixed>
+	- rails <unfixed> (bug #1132035)
 	NOTE: https://github.com/rails/rails/security/advisories/GHSA-qcfx-2mfw-w4cg
 	NOTE: Fixed by: https://github.com/rails/rails/commit/d9502f5214e2198245a4c1defe9cd02a7c8057d0 (v8.1.2.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/8fcb934caadc79c8cc4ce53287046d0f67005b3e (v8.0.4.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/707c0f1f41f067fdf96d54e99d43b28dfaae7e53 (v7.2.3.1)
 CVE-2026-33170 (Active Support is a toolkit of support libraries and Ruby core extensi ...)
-	- rails <unfixed>
+	- rails <unfixed> (bug #1132035)
 	NOTE: https://github.com/rails/rails/security/advisories/GHSA-89vf-4333-qx8v
 	NOTE: Fixed by: https://github.com/rails/rails/commit/50d732af3b7c8aaf63cbcca0becbc00279b215b7 (v8.1.2.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/6e8a81108001d58043de9e54a06fca58962fc2db (v8.0.4.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/c1ad0e8e1972032f3395853a5e99cea035035beb (v7.2.3.1)
 CVE-2026-33169 (Active Support is a toolkit of support libraries and Ruby core extensi ...)
-	- rails <unfixed>
+	- rails <unfixed> (bug #1132035)
 	NOTE: https://github.com/rails/rails/security/advisories/GHSA-cg4j-q9v8-6v38
 	NOTE: Fixed by: https://github.com/rails/rails/commit/ec1a0e215efd27a3b3911aae6df978a80f456a49 (v8.1.2.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/29154f1097da13d48fdb3200760b3e3da66dcb11 (v8.0.4.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/b54a4b373c6f042cab6ee2033246b1c9ecc38974 (v7.2.3.1)
 CVE-2026-33168 (Action View provides conventions and helpers for building web pages wi ...)
-	- rails <unfixed>
+	- rails <unfixed> (bug #1132035)
 	NOTE: https://github.com/rails/rails/security/advisories/GHSA-v55j-83pf-r9cq
 	NOTE: Fixed by: https://github.com/rails/rails/commit/63f5ad83edaa0b976f82d46988d745426aa4a42d (v8.1.2.1)
 	NOTE: Fixed by: https://github.com/rails/rails/commit/c79a07df1e88738df8f68cb0ee759ad6128ca924 (v8.0.4.1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af049a3ce158ceed76d7ed0a9644da67248d88c2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af049a3ce158ceed76d7ed0a9644da67248d88c2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260327/7659537d/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list