From d7edb7c40894247c00553e35f94e428ddf0c9dd9 Mon Sep 17 00:00:00 2001
From: Fabrizio Mele <fabrizio@mele.io>
Date: Mon, 4 Mar 2024 23:42:13 +0100
Subject: [PATCH] Mark rack-cors 2.0.2 as resolving CVE-2024-27456 (#760)

* https://github.com/cyu/rack-cors/issues/274
---
 gems/rack-cors/CVE-2024-27456.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/gems/rack-cors/CVE-2024-27456.yml b/gems/rack-cors/CVE-2024-27456.yml
index fda7c6ecb9..00f2ee7834 100644
--- a/gems/rack-cors/CVE-2024-27456.yml
+++ b/gems/rack-cors/CVE-2024-27456.yml
@@ -8,9 +8,10 @@ date: 2024-02-26
 description: |
   rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions
   for the .rb files.
-notes: Not yet patched
 unaffected_versions:
   - "< 2.0.1"
+patched_versions:
+  - ">= 2.0.2"
 related:
   url:
     - https://nvd.nist.gov/vuln/detail/CVE-2024-27456