author | Markus Koschany <apo@debian.org> | 2021-09-22 15:41:36 +0200 |
---|---|---|
committer | Markus Koschany <apo@debian.org> | 2021-09-22 15:41:36 +0200 |
commit | 2b6ccfd406574e01939d3b3c274899753224bc1c (patch) | |
tree | f7d2849385e0c7dca4034d53f848e63f01911ab8 /data/dla-needed.txt | |
parent | e12a852a040ef0c0a17a4be2e40ebde5cfaf0b9e (diff) |
Reserve DLA-2763-1 for ruby-kaminari
Diffstat (limited to 'data/dla-needed.txt')
-rw-r--r-- | data/dla-needed.txt | 14 |
1 files changed, 0 insertions, 14 deletions
diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 950cf6ece1..257891f12f 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -78,20 +78,6 @@ python-babel qtbase-opensource-src (Utkarsh) NOTE: 20210914: needs further checking for vulnerability. (utkarsh) -- -ruby-kaminari - NOTE: 20200819: The source in Debian (at least in LTS) appears to have a different lineage to - NOTE: 20200819: the one upstream or in its many forks. For example, both dthe - NOTE: 20200819: kaminari/kaminari and amatsuda/kaminari repositories does no have the - NOTE: 20200819: @params.except(:script_name) line in any part of their history (although the - NOTE: 20200819: file has been refactored a few times). (lamby) - NOTE: 20200928: A new module should be written in config/initializers/kaminari.rb. (utkarsh) - NOTE: 20200928: It should prepend_features from Kaminari::Helpers::Tag. (utkarsh) - NOTE: 20201009: This (↑) is an app-level patch for a rails app. A library-level patch - NOTE: 20201009: will needed to be written. Opened an issue at upstream, though somewhat inactive. (utkarsh) - NOTE: 20210719: https://people.debian.org/~apo/lts/ruby-kaminari/CVE-2020-11082.patch - NOTE: 20210719: I believe the fix is just adding and extending the blacklist for ruby-kaminari. - NOTE: 20210719: Will discuss this with Utkarsh (maintainer) shortly. --- ruby2.3 NOTE: 20210802: Utkarsh already uploaded a fix for sid/bullseye. (utkarsh) NOTE: 20210816: wip, backporting patches; a bit hard. (utkarsh) |
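Review bot: The removed ruby-kaminari block in the @@ -78,20 +78,6 @@ hunk is the only visible record of the triage reasoning, and the commit message ("Reserve DLA-2763-1 for ruby-kaminari") does not carry any of it forward. The 20210719 notes are the only place in this diff that names CVE-2020-11082 (through the patch URL under people.debian.org/~apo/lts/ruby-kaminari/) and states that the fix is "adding and extending the blacklist". Because this view is limited to data/dla-needed.txt, it cannot be confirmed from here that this context was recorded elsewhere. Consider naming CVE-2020-11082 in the commit message and keeping a short note with the DLA entry on the approach that was taken (the blacklist extension from the 20210719 notes, as opposed to the app-level initializer described in the 20200928 and 20201009 notes). The last removed note also says "Will discuss this with Utkarsh (maintainer) shortly", so it is worth stating whether that discussion took place before the entry was dropped.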