From b871cf4fa9f53620fa8ba5c4d3ce5356fb18c10e Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 27 May 2022 21:34:33 +0200
Subject: Reference upstream commits for CVE-2022-21831

---
 data/CVE/list | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list b/data/CVE/list
index 8a02d1e2b4..8db97920a5 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -33361,7 +33361,9 @@ CVE-2022-21832
 CVE-2022-21831 (A code injection vulnerability exists in the Active Storage &gt;= v5.2 ...)
 	- rails <unfixed> (bug #1011940)
 	NOTE: https://github.com/advisories/GHSA-w749-p3v6-hccq
-	NOTE: https://github.com/rails/rails/commit/b0b5eaf477c907819ead1808d09bfaae3eb4cc54 (6-1-stable)
+	NOTE: https://github.com/rails/rails/commit/b0b5eaf477c907819ead1808d09bfaae3eb4cc54 (v6.1.4.7)
+	NOTE: https://github.com/rails/rails/commit/92f64fec3136baabbebac97073c5213ea055dc53 (v6.0.4.7)
+	NOTE: https://github.com/rails/rails/commit/94e2f00d2abedbea1ef62fc775d031ffda00662c (v5.2.6.3)
 CVE-2022-21830 (A blind self XSS vulnerability exists in RocketChat LiveChat &lt;v1.9  ...)
 	NOT-FOR-US: Rocket.Chat.Livechat
 CVE-2022-21829
-- 
cgit v1.2.3