[lint] Normalize indentation to two spaces.

Author: postmodern

Diff for: .yamllint.yml

@@ -3,4 +3,5 @@ extends: default
 rules:
   line-length: disable
   indentation:
+    spaces: 2
     indent-sequences: consistent

Diff for: gems/RedCloth/CVE-2012-6684.yml

@@ -10,9 +10,9 @@ description: 'Cross-site scripting (XSS) vulnerability in the RedCloth library 4
   via a javascript: URI.'
 cvss_v2: 4.3
 patched_versions:
-- '>= 4.3.0'
+  - '>= 4.3.0'
 related:
   url:
-  - https://github.com/jgarber/redcloth/commit/2f6dab4d6aea5cee778d2f37a135637fe3f1573c
-  - https://gist.github.com/co3k/75b3cb416c342aa1414c
-  - https://jgarber.lighthouseapp.com/projects/13054-redcloth/tickets/243-xss
+    - https://github.com/jgarber/redcloth/commit/2f6dab4d6aea5cee778d2f37a135637fe3f1573c
+    - https://gist.github.com/co3k/75b3cb416c342aa1414c
+    - https://jgarber.lighthouseapp.com/projects/13054-redcloth/tickets/243-xss

Diff for: gems/actionmailer/CVE-2013-4389.yml

@@ -13,6 +13,6 @@ description: |
   that is improperly handled during construction of a log message.
 cvss_v2: 4.3
 unaffected_versions:
-- "~> 2.3.2"
+  - "~> 2.3.2"
 patched_versions:
-- ">= 3.2.15"
+  - ">= 3.2.15"

Diff for: gems/actionpack-page_caching/CVE-2020-8159.yml

@@ -38,4 +38,4 @@ description: |
   Where the `show` action of the `BooksController` may be vulnerable.
 cvss_v3: 9.8
 patched_versions:
-- '>= 1.2.1'
+  - '>= 1.2.1'

Diff for: gems/actionpack/CVE-2011-3186.yml

@@ -13,4 +13,4 @@ description: |
   insufficient sanitization of the values provided for response content types.
 cvss_v2: 4.3
 patched_versions:
-- ">= 2.3.13"
+  - ">= 2.3.13"

Diff for: gems/actionpack/CVE-2011-4319.yml

@@ -16,5 +16,5 @@ description: |
   (application specific) sanitization of user provided input.
 cvss_v2: 4.3
 patched_versions:
-- ~> 3.0.11
-- '>= 3.1.2'
+  - ~> 3.0.11
+  - '>= 3.1.2'

Diff for: gems/actionpack/CVE-2012-1099.yml

@@ -14,6 +14,6 @@ description: |
   via vectors involving certain generation of OPTION elements within SELECT elements.
 cvss_v2: 4.3
 patched_versions:
-- "~> 3.0.12"
-- "~> 3.1.4"
-- ">= 3.2.2"
+  - "~> 3.0.12"
+  - "~> 3.1.4"
+  - ">= 3.2.2"

Diff for: gems/actionpack/CVE-2012-3424.yml

@@ -15,8 +15,8 @@ description: |
   helper method, as demonstrated by the authenticate_or_request_with_http_digest method.
 cvss_v2: 5.0
 unaffected_versions:
-- ">= 2.3.5, <= 2.3.14"
+  - ">= 2.3.5, <= 2.3.14"
 patched_versions:
-- "~> 3.0.16"
-- "~> 3.1.7"
-- ">= 3.2.7"
+  - "~> 3.0.16"
+  - "~> 3.1.7"
+  - ">= 3.2.7"

Diff for: gems/actionpack/CVE-2012-3463.yml

@@ -15,8 +15,8 @@ description: |
   the select_tag helper.
 cvss_v2: 4.3
 unaffected_versions:
-- "~> 2.3.0"
+  - "~> 2.3.0"
 patched_versions:
-- "~> 3.0.17"
-- "~> 3.1.8"
-- ">= 3.2.8"
+  - "~> 3.0.17"
+  - "~> 3.1.8"
+  - ">= 3.2.8"

Diff for: gems/actionpack/CVE-2012-3465.yml

@@ -14,6 +14,6 @@ description: |
   via malformed HTML markup.
 cvss_v2: 4.3
 patched_versions:
-- "~> 3.0.17"
-- "~> 3.1.8"
-- ">= 3.2.8"
+  - "~> 3.0.17"
+  - "~> 3.1.8"
+  - ">= 3.2.8"

Diff for: gems/actionpack/CVE-2013-0156.yml

@@ -17,7 +17,7 @@ description: |
   for (1) YAML type conversion or (2) Symbol type conversion.
 cvss_v2: 10.0
 patched_versions:
-- "~> 2.3.15"
-- "~> 3.0.19"
-- "~> 3.1.10"
-- ">= 3.2.11"
+  - "~> 2.3.15"
+  - "~> 3.0.19"
+  - "~> 3.1.10"
+  - ">= 3.2.11"

Diff for: gems/actionpack/CVE-2013-1855.yml

@@ -17,6 +17,6 @@ description: |
   XSS attacks against users of an application using Action Pack.
 cvss_v2: 4.3
 patched_versions:
-- "~> 2.3.18"
-- "~> 3.1.12"
-- ">= 3.2.13"
+  - "~> 2.3.18"
+  - "~> 3.1.12"
+  - ">= 3.2.13"

Diff for: gems/actionpack/CVE-2013-1857.yml

@@ -18,6 +18,6 @@ description: 'The sanitize helper in lib/action_controller/vendor/html-scanner/h
   Pack.'
 cvss_v2: 4.3
 patched_versions:
-- "~> 2.3.18"
-- "~> 3.1.12"
-- ">= 3.2.13"
+  - "~> 2.3.18"
+  - "~> 3.1.12"
+  - ">= 3.2.13"

Diff for: gems/actionpack/CVE-2013-4491.yml

@@ -16,5 +16,5 @@ description: |
   been assigned the identifier CVE-2013-4492.
 cvss_v2: 4.3
 patched_versions:
-- "~> 3.2.16"
-- ">= 4.0.2"
+  - "~> 3.2.16"
+  - ">= 4.0.2"

Diff for: gems/actionpack/CVE-2013-6414.yml

@@ -12,7 +12,7 @@ description: |
   Action View.
 cvss_v2: 5.0
 unaffected_versions:
-- "~> 2.3.0"
+  - "~> 2.3.0"
 patched_versions:
-- "~> 3.2.16"
-- ">= 4.0.2"
+  - "~> 3.2.16"
+  - ">= 4.0.2"

Diff for: gems/actionpack/CVE-2013-6415.yml

@@ -14,5 +14,5 @@ description: |
   which pass user controlled data as the unit parameter are vulnerable to an XSS attack.
 cvss_v2: 4.3
 patched_versions:
-- "~> 3.2.16"
-- ">= 4.0.2"
+  - "~> 3.2.16"
+  - ">= 4.0.2"

Diff for: gems/actionpack/CVE-2013-6416.yml

@@ -17,8 +17,8 @@ description: |
   attributes will be vulnerable to an XSS attack.
 cvss_v2: 4.3
 unaffected_versions:
-- "~> 2.3.0"
-- "~> 3.1.0"
-- "~> 3.2.0"
+  - "~> 2.3.0"
+  - "~> 3.1.0"
+  - "~> 3.2.0"
 patched_versions:
-- ">= 4.0.2"
+  - ">= 4.0.2"

Diff for: gems/actionpack/CVE-2013-6417.yml

@@ -18,5 +18,5 @@ description: |
   vulnerability.
 cvss_v2: 6.4
 patched_versions:
-- "~> 3.2.16"
-- ">= 4.0.2"
+  - "~> 3.2.16"
+  - ">= 4.0.2"

Diff for: gems/actionpack/CVE-2014-0081.yml

@@ -14,6 +14,6 @@ description: Multiple cross-site scripting (XSS) vulnerabilities in actionview/l
   or (c) number_to_human helper.
 cvss_v2: 4.3
 patched_versions:
-- ~> 3.2.17
-- ~> 4.0.3
-- '>= 4.1.0.beta2'
+  - ~> 3.2.17
+  - ~> 4.0.3
+  - '>= 4.1.0.beta2'

Diff for: gems/actionpack/CVE-2014-0082.yml

@@ -13,6 +13,6 @@ description: actionpack/lib/action_view/template/text.rb in Action View in Ruby
   of service (memory consumption) by including these strings in headers.
 cvss_v2: 5.0
 unaffected_versions:
-- ">= 4.0.0"
+  - ">= 4.0.0"
 patched_versions:
-- ">= 3.2.17"
+  - ">= 3.2.17"

Diff for: gems/actionpack/CVE-2014-0130.yml

@@ -16,6 +16,6 @@ description: |
   rails application server.
 cvss_v2: 4.3
 patched_versions:
-- "~> 3.2.18"
-- "~> 4.0.5"
-- ">= 4.1.1"
+  - "~> 3.2.18"
+  - "~> 4.0.5"
+  - ">= 4.1.1"

Diff for: gems/actionpack/CVE-2014-7818.yml

@@ -13,9 +13,9 @@ description: |
   exists.
 cvss_v2: 4.3
 unaffected_versions:
-- "< 3.0.0"
+  - "< 3.0.0"
 patched_versions:
-- "~> 3.2.20"
-- "~> 4.0.11"
-- "~> 4.1.7"
-- ">= 4.2.0.beta3"
+  - "~> 3.2.20"
+  - "~> 4.0.11"
+  - "~> 4.1.7"
+  - ">= 4.2.0.beta3"

Diff for: gems/actionpack/CVE-2014-7829.yml

@@ -14,10 +14,10 @@ description: |
   specially crafted string is slightly different.
 cvss_v2: 5.0
 unaffected_versions:
-- "< 3.0.0"
+  - "< 3.0.0"
 patched_versions:
-- "~> 3.2.21"
-- "~> 4.0.11.1"
-- "~> 4.0.12"
-- "~> 4.1.7.1"
-- ">= 4.1.8"
+  - "~> 3.2.21"
+  - "~> 4.0.11.1"
+  - "~> 4.0.12"
+  - "~> 4.1.7.1"
+  - ">= 4.1.8"

Diff for: gems/actionpack/CVE-2015-7576.yml

@@ -110,7 +110,7 @@ description: |
 cvss_v2: 4.3
 cvss_v3: 3.7
 patched_versions:
-- '>= 5.0.0.beta1.1'
-- ~> 4.2.5, >= 4.2.5.1
-- ~> 4.1.14, >= 4.1.14.1
-- ~> 3.2.22.1
+  - '>= 5.0.0.beta1.1'
+  - ~> 4.2.5, >= 4.2.5.1
+  - ~> 4.1.14, >= 4.1.14.1
+  - ~> 3.2.22.1

Diff for: gems/actionpack/CVE-2015-7581.yml

@@ -46,8 +46,8 @@ description: |
   Please note that only the 4.1.x and 4.2.x series are supported at present.  Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases.
 cvss_v3: 7.5
 unaffected_versions:
-- < 4.0.0
-- '>= 5.0.0.beta1'
+  - < 4.0.0
+  - '>= 5.0.0.beta1'
 patched_versions:
-- ~> 4.2.5, >= 4.2.5.1
-- ~> 4.1.14, >= 4.1.14.1
+  - ~> 4.2.5, >= 4.2.5.1
+  - ~> 4.1.14, >= 4.1.14.1

Diff for: gems/actionpack/CVE-2016-0751.yml

@@ -65,7 +65,7 @@ description: |
 cvss_v2: 5.0
 cvss_v3: 7.5
 patched_versions:
-- '>= 5.0.0.beta1.1'
-- ~> 4.2.5, >= 4.2.5.1
-- ~> 4.1.14, >= 4.1.14.1
-- ~> 3.2.22.1
+  - '>= 5.0.0.beta1.1'
+  - ~> 4.2.5, >= 4.2.5.1
+  - ~> 4.1.14, >= 4.1.14.1
+  - ~> 3.2.22.1

Diff for: gems/actionpack/CVE-2016-0752.yml

@@ -84,10 +84,10 @@ description: |
   -------
   Thanks John Poulin for reporting this!
 unaffected_versions:
-- '>= 4.1.0'
+  - '>= 4.1.0'
 patched_versions:
-- '>= 5.0.0.beta1.1'
-- ~> 4.2.5, >= 4.2.5.1
-- ~> 4.1.14, >= 4.1.14.1
-- ~> 3.2.22.1
+  - '>= 5.0.0.beta1.1'
+  - ~> 4.2.5, >= 4.2.5.1
+  - ~> 4.1.14, >= 4.1.14.1
+  - ~> 3.2.22.1
 notes: Newer versions are affected, but tracked in the actionview gem.

Diff for: gems/actionpack/CVE-2016-2097.yml

@@ -79,9 +79,9 @@ description: |2
   Thanks to both Jyoti Singh and Tobias Kraze from makandra for reporting this
   and working with us in the patch!
 unaffected_versions:
-- '>= 4.1.0'
+  - '>= 4.1.0'
 patched_versions:
-- ~> 3.2.22.2
-- ~> 4.1.14
-- '>= 4.1.14.2'
+  - ~> 3.2.22.2
+  - ~> 4.1.14
+  - '>= 4.1.14.2'
 notes: Newer versions are affected, but tracked in the actionview gem.

Diff for: gems/actionpack/CVE-2016-2098.yml

@@ -80,8 +80,8 @@ description: |
   reporting this!
 cvss_v3: 7.3
 unaffected_versions:
-- '>= 5.0.0.beta1'
+  - '>= 5.0.0.beta1'
 patched_versions:
-- ~> 3.2.22.2
-- ~> 4.2.5, >= 4.2.5.2
-- ~> 4.1.14, >= 4.1.14.2
+  - ~> 3.2.22.2
+  - ~> 4.2.5, >= 4.2.5.2
+  - ~> 4.1.14, >= 4.1.14.2

Diff for: gems/actionpack/CVE-2016-6316.yml

@@ -44,10 +44,10 @@ description: |
   content_tag(:div, "hi", title: escape_quotes(sanitize(user_input)))
   ```
 unaffected_versions:
-- < 3.0.0
-- '>= 4.1.0'
+  - < 3.0.0
+  - '>= 4.1.0'
 patched_versions:
-- ~> 3.2.22.3
-- ~> 4.2.7.1
-- '>= 5.0.0.1'
+  - ~> 3.2.22.3
+  - ~> 4.2.7.1
+  - '>= 5.0.0.1'
 notes: Newer versions are affected, but tracked in the actionview gem.

Diff for: gems/actionpack/CVE-2020-8164.yml

@@ -43,7 +43,7 @@ description: |
   application.
 cvss_v3: 7.5
 unaffected_versions:
-- "< 4.0.0"
+  - "< 4.0.0"
 patched_versions:
-- "~> 5.2.4, >= 5.2.4.3"
-- ">= 6.0.3.1"
+  - "~> 5.2.4, >= 5.2.4.3"
+  - ">= 6.0.3.1"

Diff for: gems/actionpack/CVE-2020-8166.yml

@@ -28,5 +28,5 @@ description: |
   until such time as the application can be upgraded.
 cvss_v3: 4.3
 patched_versions:
-- "~> 5.2.4, >= 5.2.4.3"
-- ">= 6.0.3.1"
+  - "~> 5.2.4, >= 5.2.4.3"
+  - ">= 6.0.3.1"

Diff for: gems/actionpack/CVE-2020-8185.yml

@@ -36,6 +36,6 @@ description: |
   `config.middleware.delete ActionDispatch::ActionableExceptions`
 cvss_v3: 6.5
 unaffected_versions:
-- "< 6.0.0"
+  - "< 6.0.0"
 patched_versions:
-- ">= 6.0.3.2"
+  - ">= 6.0.3.2"

Diff for: gems/actionpack/CVE-2020-8264.yml

@@ -31,6 +31,6 @@ description: |
   `config.middleware.delete ActionDispatch::ActionableExceptions`
 cvss_v3: 6.1
 unaffected_versions:
-- < 6.0.0
+  - < 6.0.0
 patched_versions:
-- '>= 6.0.3.4'
+  - '>= 6.0.3.4'

Diff for: gems/actionpack/CVE-2021-22881.yml

@@ -61,7 +61,7 @@ description: |
   ```
 cvss_v3: 6.1
 unaffected_versions:
-- "< 6.0.0"
+  - "< 6.0.0"
 patched_versions:
-- "~> 6.0.3, >= 6.0.3.5"
-- ">= 6.1.2.1"
+  - "~> 6.0.3, >= 6.0.3.5"
+  - ">= 6.1.2.1"

Diff for: gems/actionpack/CVE-2021-22885.yml

@@ -59,9 +59,9 @@ description: |
   ```
 cvss_v3: 7.5
 unaffected_versions:
-- < 2.0.0
+  - < 2.0.0
 patched_versions:
-- ~> 5.2.4.6
-- ~> 5.2.6
-- ~> 6.0.3, >= 6.0.3.7
-- '>= 6.1.3.2'
+  - ~> 5.2.4.6
+  - ~> 5.2.6
+  - ~> 6.0.3, >= 6.0.3.7
+  - '>= 6.1.3.2'