[Git][security-tracker-team/security-tracker][master] Track fixes for two ruby-rack issues fixed via unstable upload

Tue, 10 Mar 2026 01:29:27 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f43226ee by Salvatore Bonaccorso at 2026-03-10T09:27:58+01:00
Track fixes for two ruby-rack issues fixed via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8344,7 +8344,7 @@ CVE-2026-27100 (Jenkins 2.550 and earlier, LTS 2.541.1 
and earlier accepts Run P
 CVE-2026-27099 (Jenkins 2.483 through 2.550 (both inclusive), LTS 2.492.1 
through 2.54 ...)
        NOT-FOR-US: Jenkins (core or plugin)
 CVE-2026-25500 (Rack is a modular Ruby web server interface. Prior to versions 
2.2.22, ...)
-       - ruby-rack <unfixed> (bug #1128480)
+       - ruby-rack 3.2.5-1 (bug #1128480)
        NOTE: 
https://github.com/rack/rack/security/advisories/GHSA-whrj-4476-wvmp
        NOTE: Fixed by: 
https://github.com/rack/rack/commit/f2f225f297b99fbee3d9f51255d41f601fc40aff 
(main)
        NOTE: Fixed by: 
https://github.com/rack/rack/commit/93a68f58aa82aa48f09b751501f19f5e760dd406 
(v3.2.5)
@@ -8353,7 +8353,7 @@ CVE-2026-25500 (Rack is a modular Ruby web server 
interface. Prior to versions 2
 CVE-2026-23491 (InvoicePlane is a self-hosted open source application for 
managing inv ...)
        NOT-FOR-US: InvoicePlane
 CVE-2026-22860 (Rack is a modular Ruby web server interface. Prior to versions 
2.2.22, ...)
-       - ruby-rack <unfixed> (bug #1128479)
+       - ruby-rack 3.2.5-1 (bug #1128479)
        NOTE: 
https://github.com/rack/rack/security/advisories/GHSA-mxw3-3hh2-x2mh
        NOTE: Fixed by: 
https://github.com/rack/rack/commit/75c5745c286637a8f049a33790c71237762069e7 
(main)
        NOTE: Fixed by: 
https://github.com/rack/rack/commit/f9bde3bc2dde2771185ac1a7b7602a4d9fa0a0d8 
(v3.2.5)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f43226ee5aac441d46ccb7f7e7f92d0ed8279cdf

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f43226ee5aac441d46ccb7f7e7f92d0ed8279cdf
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to