Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e255f031 by Sylvain Beucler at 2026-05-10T12:07:21+02:00
CVE-2025-24293/rails: drop patches references against CVE-2025-55193

+ re-order CVE-2025-55193 patches

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -104414,11 +104414,8 @@ CVE-2025-24293 (# Active Storage allowed 
transformation methods potentially unsa
        - rails 2:7.2.2.2+dfsg-1
        NOTE: 
https://github.com/rails/rails/security/advisories/GHSA-r4mg-4433-c7g3
        NOTE: 
https://github.com/rails/rails/commit/2d612735ac0d9712fdfffaf80afa627e7295f6ce 
(v8.0.2.1)
-       NOTE: 
https://github.com/rails/rails/commit/568c0bc2f1e74c65d150a84b89a080949bf9eb9b 
(v8.0.2.1)
        NOTE: 
https://github.com/rails/rails/commit/fb8f3a18c3d97524c0efc29150d1e5f3162fbb13 
(v7.2.2.2)
-       NOTE: 
https://github.com/rails/rails/commit/6a944ca4805e72050a0fbb1a461534eb760d3202 
(v7.2.2.2)
        NOTE: 
https://github.com/rails/rails/commit/1b1adf6ee6ca0f3104fcfce79360b2ec1e06a354 
(v7.1.5.2)
-       NOTE: 
https://github.com/rails/rails/commit/3beef20013736fd52c5dcfdf061f7999ba318290 
(v7.1.5.2)
 CVE-2025-9826 (Stored cross-site scripting vulnerability in M-Files Hubshare 
before v ...)
        NOT-FOR-US: M-Files
 CVE-2025-9084 (Mattermost versions 10.5.x <= 10.5.9 fail to properly validate 
redirec ...)
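
Review bot: The three NOTE lines removed from the CVE-2025-24293 entry (568c0bc2..., 6a944ca4..., 3beef200...) leave no trace of why they were listed there, and the diff alone does not show that they are unrelated to the Active Storage fix. The same three hashes are listed under CVE-2025-55193 in the second hunk, and each shares a release tag (v8.0.2.1, v7.2.2.2, v7.1.5.2) with a commit that stays here, which is probably how they ended up in both entries. Consider saying in the commit message that the dropped commits were checked upstream and only touch the CVE-2025-55193 fix, so the remaining one-commit-per-branch list is known to be complete for this CVE.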
@@ -115636,9 +115633,9 @@ CVE-2025-55193 (Active Record connects classes to 
relational database tables. Pr
        {DSA-6090-1 DLA-4416-1}
        - rails 2:7.2.2.2+dfsg-1 (bug #1111106)
        NOTE: 
https://github.com/rails/rails/security/advisories/GHSA-76r7-hhxj-r776
-       NOTE: 
https://github.com/rails/rails/commit/3beef20013736fd52c5dcfdf061f7999ba318290 
(v7.1.5.2)
-       NOTE: 
https://github.com/rails/rails/commit/6a944ca4805e72050a0fbb1a461534eb760d3202 
(v7.2.2.2)
        NOTE: 
https://github.com/rails/rails/commit/568c0bc2f1e74c65d150a84b89a080949bf9eb9b 
(v8.0.2.1)
+       NOTE: 
https://github.com/rails/rails/commit/6a944ca4805e72050a0fbb1a461534eb760d3202 
(v7.2.2.2)
+       NOTE: 
https://github.com/rails/rails/commit/3beef20013736fd52c5dcfdf061f7999ba318290 
(v7.1.5.2)
 CVE-2025-3414 (The Structured Content (JSON-LD) #wpsc WordPress plugin before 
1.7.0 d ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-34154 (UnForm Server Manager versions prior to 10.1.12 expose an 
unauthentica ...)
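
Review bot: The reorder in the CVE-2025-55193 entry is cosmetic and unrelated to the removal in the first hunk, so it would be easier to audit as its own commit. The two removed NOTE lines (3beef200... for v7.1.5.2 and 6a944ca4... for v7.2.2.2) come back with the same hashes and tags, so no reference is lost, and the list now runs v8.0.2.1, v7.2.2.2, v7.1.5.2 like the CVE-2025-24293 entry. If the change stays combined, the "+ re-order" line in the commit message is enough to flag it.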



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e255f031ccdb561b6accc76957f7b15932e59b9d
