Skip to content

Commit 9a88f50

Browse files
postmodernpostmodern
committed
Re-add >= 7.2.0.beta2 to patched versions for CVE-2024-28103 / CVE-2024-32464.
* While the original advisories do not mention 7.2.0.beta2 as being patched, the GHSA advisories do, however. * GHSA-fwhr-88qx-h9g7 * GHSA-prjp-h48f-jgf6
1 parent ec3b659 commit 9a88f50

File tree

2 files changed

+4
-2
lines changed

2 files changed

+4
-2
lines changed

gems/actionpack/CVE-2024-28103.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,8 @@ unaffected_versions:
5858
patched_versions:
5959
- "~> 6.1.7, >= 6.1.7.8"
6060
- "~> 7.0.8, >= 7.0.8.4"
61-
- ">= 7.1.3.4"
61+
- "~> 7.1.3, >= 7.1.3.4"
62+
- ">= 7.2.0.beta2"
6263
related:
6364
url:
6465
- https://nvd.nist.gov/vuln/detail/CVE-2024-28103

gems/actiontext/CVE-2024-32464.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,8 @@ cvss_v3: 6.1
4949
unaffected_versions:
5050
- "< 7.1.0"
5151
patched_versions:
52-
- ">= 7.1.3.4"
52+
- "~> 7.1.3, >= 7.1.3.4"
53+
- ">= 7.2.0.beta2"
5354
related:
5455
url:
5556
- https://nvd.nist.gov/vuln/detail/CVE-2024-32464

0 commit comments

Comments
 (0)