diff options
author | Markus Koschany <apo@debian.org> | 2022-05-26 00:01:19 +0200 |
---|---|---|
committer | Markus Koschany <apo@debian.org> | 2022-05-26 00:01:19 +0200 |
commit | 00630d0c50934270a17c3f5ecc438032a277ca9a (patch) | |
tree | a0a90c19044bfaa4fcd89da02f8cd03c6bba759c /data/DLA | |
parent | 5c5c0f1163d86480b8940f88cdd8539f5e5f79fb (diff) |
CVE-2022-24790,puma: Mark as no-dsa for Stretch
Although all existing tests pass, the new test_requests_invalid tests never
seem to finish. It is currently not possible to determine if this is caused by
a failing test or a Puma bug. The error message is:
Error reached top of thread-pool
and might be related to
https://github.com/puma/puma/issues/1502
I have opted not to apply the patch because of that. The preliminary patch to
fix CVE-2022-24790 can be found at
https://people.debian.org/~apo/lts/stretch/puma/CVE-2022-24790.patch
Also remove the no-dsa tags for CVE-2019-16770 and CVE-2020-5247 because they
will be fixed in an upcoming security update.
Diffstat (limited to 'data/DLA')
0 files changed, 0 insertions, 0 deletions