From a9afaea12fb8528b6d25a9f71f8b7812f1849b4f Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sat, 3 Apr 2021 20:24:36 +0200 Subject: Track fixed version for CVE-2021-28834/ruby-kramdown via unstable --- data/CVE/list.2021 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 79652b1d94..e225bfe6cf 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -2758,7 +2758,7 @@ CVE-2021-28836 CVE-2021-28835 RESERVED CVE-2021-28834 (Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge: ...) - - ruby-kramdown (bug #985569) + - ruby-kramdown 2.3.0-5 (bug #985569) NOTE: https://github.com/gettalong/kramdown/pull/708 NOTE: Fixed by: https://github.com/gettalong/kramdown/commit/d6a1cbcb2caa2f8a70927f176070d126b2422760 CVE-2021-28833 -- cgit v1.2.3