Reference upstream commits for CVE-2022-21831

author: Salvatore Bonaccorso <carnil@debian.org> 2022-05-27 21:34:33 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-05-27 21:34:33 +0200
commit: b871cf4fa9f53620fa8ba5c4d3ce5356fb18c10e (patch)
tree: b5bfb5ac7034130e38220bafa9c899d0ee197775
parent: cfe1ab89b5e6814a491ebddaadb38c4cdc83983e (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 8a02d1e2b4..8db97920a5 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -33361,7 +33361,9 @@ CVE-2022-21832
 CVE-2022-21831 (A code injection vulnerability exists in the Active Storage &gt;= v5.2 ...)
 	- rails <unfixed> (bug #1011940)
 	NOTE: https://github.com/advisories/GHSA-w749-p3v6-hccq
-	NOTE: https://github.com/rails/rails/commit/b0b5eaf477c907819ead1808d09bfaae3eb4cc54 (6-1-stable)
+	NOTE: https://github.com/rails/rails/commit/b0b5eaf477c907819ead1808d09bfaae3eb4cc54 (v6.1.4.7)
+	NOTE: https://github.com/rails/rails/commit/92f64fec3136baabbebac97073c5213ea055dc53 (v6.0.4.7)
+	NOTE: https://github.com/rails/rails/commit/94e2f00d2abedbea1ef62fc775d031ffda00662c (v5.2.6.3)
 CVE-2022-21830 (A blind self XSS vulnerability exists in RocketChat LiveChat &lt;v1.9  ...)
 	NOT-FOR-US: Rocket.Chat.Livechat
 CVE-2022-21829
author	Salvatore Bonaccorso <carnil@debian.org>	2022-05-27 21:34:33 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-05-27 21:34:33 +0200
commit	b871cf4fa9f53620fa8ba5c4d3ce5356fb18c10e (patch)
tree	b5bfb5ac7034130e38220bafa9c899d0ee197775
parent	cfe1ab89b5e6814a491ebddaadb38c4cdc83983e (diff)