diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-02 15:19:41 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-02 15:19:41 +0100 |
| commit | 181a966ceba9e663659532072ab482994dbed543 (patch) | |
| tree | 6de6750c67138f65b96137d3cb633270be673d67 | |
| parent | 006826b05e4754b3d47edee2fe329454b00c8962 (diff) | |
Add Debian bug reference for ruby3.0 issues
| -rw-r--r-- | data/CVE/2021.list | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 6621fc4c96..e52a30a678 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -10274,7 +10274,7 @@ CVE-2021-41820 RESERVED CVE-2021-41819 (CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes i ...) {DLA-2853-1} - - ruby3.0 <unfixed> + - ruby3.0 <unfixed> (bug #1002995) - ruby2.7 2.7.5-1 - ruby2.5 <removed> - ruby2.3 <removed> @@ -10285,7 +10285,7 @@ CVE-2021-41818 RESERVED CVE-2021-41817 (Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regula ...) {DLA-2853-1} - - ruby3.0 <unfixed> + - ruby3.0 <unfixed> (bug #1002995) - ruby2.7 2.7.5-1 - ruby2.5 <removed> - ruby2.3 <removed> @@ -10297,7 +10297,7 @@ CVE-2021-41817 (Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS ( NOTE: https://github.com/ruby/date/commit/376c65942bd1d81803f14d37351737df60ec4664 (v3.2.2) CVE-2021-41816 [Buffer Overrun in CGI.escape_html] RESERVED - - ruby3.0 <unfixed> + - ruby3.0 <unfixed> (bug #1002995) - ruby2.7 2.7.5-1 - ruby2.5 <not-affected> (Vulnerable code introduced later) - ruby2.3 <not-affected> (Vulnerable code introduced later) |