[Git][security-tracker-team/security-tracker][master] ruby-apollo-upload-server fixed in sid

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
179a58b4 by Moritz Muehlenhoff at 2022-07-12T15:08:50+02:00
ruby-apollo-upload-server fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -60851,8 +60851,10 @@ CVE-2021-39881 (In all versions of GitLab CE/EE since 
version 7.7, the applicati
        - gitlab <unfixed>
 CVE-2021-39880 (A Denial Of Service vulnerability in the apollo_upload_server 
Ruby gem ...)
        - gitlab <unfixed>
-       - ruby-apollo-upload-server <unfixed>
-       TODO: reach out for details for ruby-apollo-upload-server
+       - ruby-apollo-upload-server 2.1.0-1
+       [bullseye] - ruby-apollo-upload-server <no-dsa> (Minor issue)
+       NOTE: https://gitlab.com/gitlab-org/gitlab/-/issues/330561
+       NOTE: 
https://github.com/jetruby/apollo_upload_server-ruby/commit/b0582c1a3e458eee3c994fb38278bd0221f20486
 CVE-2021-39879 (Missing authentication in all versions of GitLab CE/EE since 
version 7 ...)
        - gitlab <unfixed>
 CVE-2021-39878 (A stored Reflected Cross-Site Scripting vulnerability in the 
Jira inte ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/179a58b4036e20e970142a19885ae35aa6f274be

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/179a58b4036e20e970142a19885ae35aa6f274be
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits