diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-02 15:19:41 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-02 15:19:41 +0100 |
commit | 88909cd5b816cefa452a82f07d769b157863a151 (patch) | |
tree | 53fde41f552afa8437c3d2190fff8881ae9928a3 | |
parent | f73e2b2c670c5d126e3e9adff250cbe7ce01d07d (diff) |
Add Debian bug reference for ruby3.0 issues
-rw-r--r-- | data/CVE/list.2021 | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 6621fc4c96..e52a30a678 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -10274,7 +10274,7 @@ CVE-2021-41820 RESERVED CVE-2021-41819 (CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes i ...) {DLA-2853-1} - - ruby3.0 <unfixed> + - ruby3.0 <unfixed> (bug #1002995) - ruby2.7 2.7.5-1 - ruby2.5 <removed> - ruby2.3 <removed> @@ -10285,7 +10285,7 @@ CVE-2021-41818 RESERVED CVE-2021-41817 (Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regula ...) {DLA-2853-1} - - ruby3.0 <unfixed> + - ruby3.0 <unfixed> (bug #1002995) - ruby2.7 2.7.5-1 - ruby2.5 <removed> - ruby2.3 <removed> @@ -10297,7 +10297,7 @@ CVE-2021-41817 (Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS ( NOTE: https://github.com/ruby/date/commit/376c65942bd1d81803f14d37351737df60ec4664 (v3.2.2) CVE-2021-41816 [Buffer Overrun in CGI.escape_html] RESERVED - - ruby3.0 <unfixed> + - ruby3.0 <unfixed> (bug #1002995) - ruby2.7 2.7.5-1 - ruby2.5 <not-affected> (Vulnerable code introduced later) - ruby2.3 <not-affected> (Vulnerable code introduced later) |