[Git][security-tracker-team/security-tracker][master] Add CVE-2022-23634/puma

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
33573fd7 by Salvatore Bonaccorso at 2022-02-12T11:03:01+01:00
Add CVE-2022-23634/puma

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4240,7 +4240,10 @@ CVE-2022-23636
 CVE-2022-23635
        RESERVED
 CVE-2022-23634 (Puma is a Ruby/Rack web server built for parallelism. Prior to 
`puma`  ...)
-       TODO: check
+       - puma <unfixed>
+       NOTE: 
https://github.com/puma/puma/security/advisories/GHSA-rmj8-8hhh-gv5h
+       NOTE: 
https://github.com/puma/puma/commit/b70f451fe8abc0cff192c065d549778452e155bb
+       NOTE: Related issue to CVE-2022-23633 for src:rails
 CVE-2022-23633 (Action Pack is a framework for handling and responding to web 
requests ...)
        - rails <unfixed>
        NOTE: https://www.openwall.com/lists/oss-security/2022/02/11/5



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33573fd7060d7fb25f62a004e9adec7e8c5595e4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33573fd7060d7fb25f62a004e9adec7e8c5595e4
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits