diff options
author | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-03-14 00:35:38 +0100 |
---|---|---|
committer | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-03-14 00:35:38 +0100 |
commit | d617754fc952119e9d7f0b5366ebbe48bcff6de9 (patch) | |
tree | d76f6f237bb53120515bf2a30595c2ff2ee216a9 | |
parent | d35d59ae917659fcade07c296ac1e9f64218d30d (diff) |
[SECURITY] [DSA 5372-1] rails security update1032440_single_page_html
-rw-r--r-- | english/security/2023/dsa-5372.data | 13 | ||||
-rw-r--r-- | english/security/2023/dsa-5372.wml | 20 |
2 files changed, 33 insertions, 0 deletions
diff --git a/english/security/2023/dsa-5372.data b/english/security/2023/dsa-5372.data new file mode 100644 index 00000000000..9834fcd0d7e --- /dev/null +++ b/english/security/2023/dsa-5372.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-5372-1 rails</define-tag> +<define-tag report_date>2023-3-13</define-tag> +<define-tag secrefs>CVE-2021-22942 CVE-2021-44528 CVE-2022-21831 CVE-2022-22577 CVE-2022-23633 CVE-2022-27777 CVE-2023-22792 CVE-2023-22794 CVE-2023-22795 CVE-2023-22796 Bug#992586 Bug#1001817 Bug#1011940 Bug#1011941 Bug#1005389 Bug#1016982 Bug#1030050</define-tag> +<define-tag packages>rails</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2023/dsa-5372.wml b/english/security/2023/dsa-5372.wml new file mode 100644 index 00000000000..7e19503df96 --- /dev/null +++ b/english/security/2023/dsa-5372.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Multiple vulnerabilities were discovered in rails, the Ruby based server-side +MVC web application framework, which could result in XSS, data disclosure +and open redirect.</p> + +<p>For the stable distribution (bullseye), these problems have been fixed in +version 2:6.0.3.7+dfsg-2+deb11u1.</p> + +<p>We recommend that you upgrade your rails packages.</p> + +<p>For the detailed security status of rails please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/rails">\ +https://security-tracker.debian.org/tracker/rails</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2023/dsa-5372.data" +# $Id: $ |