ruby-rack as no-dsa

Salvatore Bonaccorso Wed, 27 May 2020 07:15:12 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
943e43c1 by Salvatore Bonaccorso at 2020-05-27T16:12:59+02:00
Mark CVE-2020-8161/ruby-rack as no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14198,6 +14198,8 @@ CVE-2020-8161 [Directory traversal in Rack::Directory]
        RESERVED
        {DLA-2216-1}
        - ruby-rack 2.1.1-5
+       [buster] - ruby-rack <no-dsa> (Minor issue; can be fixed via point 
release)
+       [stretch] - ruby-rack <no-dsa> (Minor issue; can be fixed via point 
release)
        NOTE: 
https://groups.google.com/forum/#!msg/rubyonrails-security/IOO1vNZTzPA/Ylzi1UYLAAAJ
        NOTE: Fixed by: 
https://github.com/rack/rack/commit/dddb7ad18ed79ca6ab06ccc417a169fde451246e
        NOTE: Required followup: 
https://github.com/rack/rack/commit/e7ba1b0557d3ad97af1ef113bbeb5f27417983fa



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/943e43c195e1d270e43ea38c49c817a93303ad4d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/943e43c195e1d270e43ea38c49c817a93303ad4d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8161/ruby-rack as no-dsa

Reply via email to