Mark CVE-2018-3741/ruby-rails-html-sanitizer as no-dsa

author: Salvatore Bonaccorso <carnil@debian.org> 2020-06-01 10:45:09 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-06-01 10:45:09 +0200
commit: df4563ecaf9b30119f3b42bfe1440a450349ff02 (patch)
tree: e6462d7846ea2d9ca385f47af35c96c5c83d00e2
parent: 69aefd8938b2fa7bdf662372e1ec3c4c276b8b84 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list.2018 b/data/CVE/list.2018
index b7a3a25bd1..18eb81126e 100644
--- a/data/CVE/list.2018
+++ b/data/CVE/list.2018
@@ -46348,6 +46348,7 @@ CVE-2018-3742
 	REJECTED
 CVE-2018-3741 (There is a possible XSS vulnerability in all rails-html-sanitizer gem  ...)
 	- ruby-rails-html-sanitizer 1.0.4-1 (bug #893994)
+	[stretch] - ruby-rails-html-sanitizer <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://github.com/rails/rails-html-sanitizer/commit/f3ba1a839a35f2ba7f941c15e239a1cb379d56ae
 CVE-2018-3740 (A specially crafted HTML fragment can cause Sanitize gem for Ruby to a ...)
 	{DSA-4358-1}
author	Salvatore Bonaccorso <carnil@debian.org>	2020-06-01 10:45:09 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-06-01 10:45:09 +0200
commit	df4563ecaf9b30119f3b42bfe1440a450349ff02 (patch)
tree	e6462d7846ea2d9ca385f47af35c96c5c83d00e2
parent	69aefd8938b2fa7bdf662372e1ec3c4c276b8b84 (diff)