Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
208a02a8 by Salvatore Bonaccorso at 2021-06-13T09:45:48+02:00
Track fixed version for CVE-2021-21288/ruby-carrierwave via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32647,7 +32647,7 @@ CVE-2021-21289 (Mechanize is an open-source ruby
library that makes automated we
NOTE:
https://github.com/sparklemotion/mechanize/commit/63f8779e49664d5e95fae8d42d04c8e373162b3c
(v2.7.7)
NOTE: Test warnings fixup:
https://github.com/sparklemotion/mechanize/commit/5b30aed33cbac9825e8978f8e36dd221cbd4c093
(v2.7.7)
CVE-2021-21288 (CarrierWave is an open-source RubyGem which provides a simple
and flex ...)
- - ruby-carrierwave <unfixed> (bug #982552)
+ - ruby-carrierwave 1.3.2-1 (bug #982552)
[stretch] - ruby-carrierwave <ignored> (No reverse dependencies)
NOTE:
https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-fwcm-636p-68r5
NOTE:
https://github.com/carrierwaveuploader/carrierwave/commit/012702eb3ba1663452aa025831caa304d1a665c0
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/208a02a80de7793e4df384b35c95f68a9e87b744
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/208a02a80de7793e4df384b35c95f68a9e87b744
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
