From f187322d3a9b1dd414f7f445d63324ec6bba78d4 Mon Sep 17 00:00:00 2001
From: ag
Date: Thu, 2 Nov 2023 12:37:02 +0100
Subject: [PATCH] commit by to_remotes 2023-11-02 12:37:02 +0100 from vmdevac
---
 bundle-audit-time.txt | 2 +-
 bundle-audit.json | 2 +-
 report.txt | 11 ++++++++++-
 update-info.txt | 12 ++++++++----
 4 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/bundle-audit-time.txt b/bundle-audit-time.txt
index 64ba12b..cd83636 100644
--- a/bundle-audit-time.txt
+++ b/bundle-audit-time.txt
@@ -1 +1 @@
-2023-11-01T12:10:21+01:00
+2023-11-02T12:37:02+01:00
diff --git a/bundle-audit.json b/bundle-audit.json
index ff82937..f027149 100644
--- a/bundle-audit.json
+++ b/bundle-audit.json
@@ -1 +1 @@
-{"version":"0.9.1","created_at":"2023-11-01 12:10:21 +0100","results":[]}
\ No newline at end of file
+{"version":"0.9.1","created_at":"2023-11-02 12:37:01 +0100","results":[{"type":"unpatched_gem","gem":{"name":"rmagick","version":"5.2.0"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/rmagick/CVE-2023-5349.yml","id":"CVE-2023-5349","url":"https://github.com/advisories/GHSA-frgf-8jr5-j2jv","title":"memory leak flaw was found in ruby-magick","date":"2023-10-30","description":"A memory leak flaw was found in ruby-magick, an interface between\nRuby and ImageMagick. This issue can lead to a denial of service\n(DOS) by memory exhaustion.\n","cvss_v2":null,"cvss_v3":5.3,"cve":"2023-5349","osvdb":null,"ghsa":"frgf-8jr5-j2jv","unaffected_versions":[],"patched_versions":[">= 5.3.0"],"criticality":"medium"}}]}
\ No newline at end of file
diff --git a/report.txt b/report.txt
index 8900c02..da50cb2 100644
--- a/report.txt
+++ b/report.txt
@@ -1 +1,10 @@
-No vulnerabilities found
+Name: rmagick
+Version: 5.2.0
+CVE: CVE-2023-5349
+GHSA: GHSA-frgf-8jr5-j2jv
+Criticality: Medium
+URL: https://github.com/advisories/GHSA-frgf-8jr5-j2jv
+Title: memory leak flaw was found in ruby-magick
+Solution: upgrade to '>= 5.3.0'
+
+Vulnerabilities found!
diff --git a/update-info.txt b/update-info.txt
index 6e0b1a6..1a82656 100644
--- a/update-info.txt
+++ b/update-info.txt
@@ -1,7 +1,11 @@
 Updating ruby-advisory-db ...
-Already up to date.
+Updating c558c02..a89b84a
+Fast-forward
+ gems/rmagick/CVE-2023-5349.yml | 26 ++++++++++++++++++++++++++
+ 1 file changed, 26 insertions(+)
+ create mode 100644 gems/rmagick/CVE-2023-5349.yml
 Updated ruby-advisory-db
 ruby-advisory-db:
- advisories: 823 advisories
- last updated: 2023-10-26 06:16:25 -0700
- commit: c558c02eab7abeb5bea441ed644881098b6bd5e5
+ advisories: 824 advisories
+ last updated: 2023-11-01 05:10:39 -0700
+ commit: a89b84ace3631a4fc67a58a0433d8bc14d0c401d