Add commit reference for CVE-2020-8165/rails

author: Salvatore Bonaccorso <carnil@debian.org> 2020-06-04 09:30:02 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-06-04 09:30:02 +0200
commit: 591492aa790413dfa662464fa63a384d07c26498 (patch)
tree: 02eb436652af6db71e356ceb7dfc7125b53f1324 /data
parent: c83a9649ce687450e37eed1573b4fcd7bf5e001d (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index f9f99389d6..4ba3e1bb09 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -12971,6 +12971,8 @@ CVE-2020-8165
 	RESERVED
 	- rails 2:5.2.4.3+dfsg-1
 	NOTE: https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released
+	NOTE: https://github.com/rails/rails/commit/f7e077f85e61fc0b7381963eda0ceb0e457546b5
+	NOTE: https://github.com/rails/rails/commit/467e3399c9007996c03ffe3212689d48dd25ae99
 CVE-2020-8164 [possible strong parameters bypass]
 	RESERVED
 	[experimental] - rails 2:6.0.3.1+dfsg-1
author	Salvatore Bonaccorso <carnil@debian.org>	2020-06-04 09:30:02 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-06-04 09:30:02 +0200
commit	591492aa790413dfa662464fa63a384d07c26498 (patch)
tree	02eb436652af6db71e356ceb7dfc7125b53f1324 /data
parent	c83a9649ce687450e37eed1573b4fcd7bf5e001d (diff)