Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6346eacd by Salvatore Bonaccorso at 2022-07-31T16:17:00+02:00
Add upstream commits for CVE-2022-32224
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12135,6 +12135,10 @@ CVE-2022-32224
RESERVED
- rails <unfixed> (bug #1016140)
NOTE: https://github.com/advisories/GHSA-3hhc-qp5v-9p2j
+ NOTE: Fixed by:
https://github.com/rails/rails/commit/611990f1a6c137c2d56b1ba06b27e5d2434dcd6a
(main)
+ NOTE: Fixed by:
https://github.com/rails/rails/commit/8ce4bd1be83c08c30c34af4d0f1a726066128176
(v6.1.6.1)
+ NOTE: Fixed by:
https://github.com/rails/rails/commit/d28f278788b599c0a9f6e3ea437c6642eb56f16c
(v6.0.5.1)
+ NOTE: Fixed by:
https://github.com/rails/rails/commit/6576aa7bbcf52ebd39853363e29f92b4dd53b6f1
(v5.2.8.1)
CVE-2022-32223 (Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking
under ce ...)
- nodejs <not-affected> (Only affects Windows)
NOTE:
https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/#dll-hijacking-on-windows-high-cve-2022-32223
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6346eacd4c4496a78481d98ec13227841e778aac
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6346eacd4c4496a78481d98ec13227841e778aac
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
