Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c280206a by Salvatore Bonaccorso at 2023-02-28T22:34:29+01:00
CVE-2021-21305: Add upstream commit reference for 1.3.y branch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -163657,7 +163657,8 @@ CVE-2021-21305 (CarrierWave is an open-source RubyGem
which provides a simple an
[buster] - ruby-carrierwave <no-dsa> (Minor issue)
[stretch] - ruby-carrierwave <ignored> (No reverse dependencies)
NOTE:
https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-cf3w-g86h-35x4
- NOTE:
https://github.com/carrierwaveuploader/carrierwave/commit/387116f5c72efa42bc3938d946b4c8d2f22181b7
+ NOTE:
https://github.com/carrierwaveuploader/carrierwave/commit/387116f5c72efa42bc3938d946b4c8d2f22181b7
(v2.2.0)
+ NOTE:
https://github.com/carrierwaveuploader/carrierwave/commit/eb9346df598a758a5f8c4a338852982fd7f8f6b8
(v1.3.2)
CVE-2021-21304 (Dynamoose is an open-source modeling tool for Amazon's
DynamoDB. In Dy ...)
NOT-FOR-US: Dynamoose
CVE-2021-21303 (Helm is open-source software which is essentially "The
Kubernetes Pack ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c280206ae89f6de160ce7b30983b34f484386db7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c280206ae89f6de160ce7b30983b34f484386db7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
