Re: Issues regarding ruby-rack/CVE-2019-16782
Hi all,
On Fri, Apr 24, 2020 at 3:09 AM Utkarsh Gupta <utkarsh@debian.org> wrote:
> Thank you for this. I've started to think on the same lines.
> During this weekend, I'll take a quick look over what other
> distributions are doing for this.
I took a look and couldn't find anything. Interestingly, the advisory[1]
by GitHub has also marked this as of "low" severity.
> And if I don't find something, we could perhaps mark this as "no-dsa"?
Therefore, I have marked this as no-dsa in Jessie, at least.
D'you think I should go on and mark this as no-dsa for Stretch and Buster, too?
Best,
Utkarsh
---
[1]: https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3
Reply to: