Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6edbbb6d by Salvatore Bonaccorso at 2025-10-08T09:34:07+02:00
Update information for dos vulernabiltiies in ruby-rack
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,6 +1,14 @@
CVE-2025-61772 [Rack memory exhaustion denial of service]
- ruby-rack <unfixed>
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2402200
+ NOTE:
https://github.com/rack/rack/security/advisories/GHSA-wpv5-97wm-hp9c
+ NOTE: Fixed by:
https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e
(v3.2.2)
+ NOTE: Fixed by:
https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd
(v3.1.17)
+ NOTE: Fixed by:
https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e
(v2.2.19)
+CVE-2025-61770
+ - ruby-rack <unfixed>
+ NOTE: Fixed by:
https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e
(v3.2.2)
+ NOTE: Fixed by:
https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd
(v3.1.17)
+ NOTE: Fixed by:
https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e
(v2.2.19)
CVE-2025-6242
- vllm <itp> (bug #1095237)
CVE-2025-59425
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6edbbb6dcd67053465ad384f19a1aae408434189
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6edbbb6dcd67053465ad384f19a1aae408434189
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
