Fixed two sets of advisories with problem URLs

gems/blockchain_wallet/CVE-2019-15224.yml

@@ -2,7 +2,7 @@
 gem: blockchain_wallet
 cve: 2019-15224
 ghsa: 333g-rpr4-7hxq
-url: https://github.com/rubygems.org/issues/2097
+url: https://github.com/advisories/GHSA-333g-rpr4-7hxq
 title: Code execution backdoor in blockchain_wallet
 date: 2019-08-20
 description: |

gems/bundler/CVE-2020-36327.yml

@@ -3,7 +3,7 @@ gem: bundler
 cve: 2020-36327
 ghsa: fp4w-jxhp-m23p
 date: 2020-09-30
-url: https://github.com/rubygems/rubygems/issues/3982
+url: https://github.com/advisories/GHSA-fp4w-jxhp-m23p
 title: Dependency Confusion in Bundler with Implicit Private Dependencies
 description: |
   Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.17 sometimes chooses a
@@ -28,3 +28,4 @@ related:
     - https://www.zofrex.com/blog/2021/04/29/bundler-still-vulnerable-dependency-confusion-cve-2020-36327/
     - https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-24105
     - https://github.com/rubygems/rubygems/pull/4609
+    - https://github.com/advisories/GHSA-fp4w-jxhp-m23p

gems/capistrano-colors/CVE-2019-15224.yml

@@ -2,7 +2,7 @@
 gem: capistrano-colors
 cve: 2019-15224
 ghsa: 333g-rpr4-7hxq
-url: https://github.com/rubygems.org/issues/2097
+url: https://github.com/advisories/GHSA-333g-rpr4-7hxq
 title: Code execution backdoor in capistrano-colors
 date: 2019-08-20
 description: |

gems/coin_base/CVE-2019-15224.yml

@@ -2,7 +2,7 @@
 gem: coin_base
 cve: 2019-15224
 ghsa: 333g-rpr4-7hxq
-url: https://github.com/rubygems.org/issues/2097
+url: https://github.com/advisories/GHSA-333g-rpr4-7hxq
 title: Code execution backdoor in coin_base
 date: 2019-08-20
 description: |

gems/coming-soon/CVE-2019-15224.yml

@@ -2,7 +2,7 @@
 gem: coming-soon
 cve: 2019-15224
 ghsa: 333g-rpr4-7hxq
-url: https://github.com/rubygems.org/issues/2097
+url: https://github.com/advisories/GHSA-333g-rpr4-7hxq
 title: Code execution backdoor in coming-soon
 date: 2019-08-20
 description: |

gems/cron_parser/CVE-2019-15224.yml

@@ -2,7 +2,7 @@
 gem: cron_parser
 cve: 2019-15224
 ghsa: 333g-rpr4-7hxq
-url: https://github.com/rubygems.org/issues/2097
+url: https://github.com/advisories/GHSA-333g-rpr4-7hxq
 title: Code execution backdoor in cron_parser
 date: 2019-08-20
 description: |

gems/devise/CVE-2019-16109.yml

@@ -2,7 +2,7 @@
 gem: devise
 cve: 2019-16109
 ghsa: fcjw-8rhj-gwwc
-url: https://github.com/plataformatec/devise/issues/5071
+url: https://github.com/advisories/GHSA-fcjw-8rhj-gwwc
 title: Devise Gem for Ruby confirmation token validation with a blank string
 date: 2019-09-08
 description: |
@@ -12,3 +12,8 @@ description: |
 cvss_v3: 5.3
 patched_versions:
   - ">= 4.7.1"
+related:
+  url:
+    - https://github.com/heartcombo/devise/blob/v4.7.1/CHANGELOG.md
+    - https://github.com/heartcombo/devise/pull/5132
+    - https://github.com/heartcombo/devise/issues/5071

gems/devise/CVE-2019-5421.yml

@@ -2,7 +2,7 @@
 gem: devise
 cve: 2019-5421
 ghsa: 73rf-6mrf-759q
-url: https://github.com/plataformatec/devise/issues/4981
+url: https://github.com/advisories/GHSA-73rf-6mrf-759q
 title: Devise Gem for Ruby Time-of-check Time-of-use race condition with lockable
   module
 date: 2019-02-07
@@ -14,3 +14,6 @@ cvss_v2: 7.5
 cvss_v3: 9.8
 patched_versions:
   - ">= 4.6.0"
+related:
+  url:
+    - https://github.com/heartcombo/devise/issues/4981

gems/doge-coin/CVE-2019-15224.yml

@@ -2,7 +2,7 @@
 gem: doge-coin
 cve: 2019-15224
 ghsa: 333g-rpr4-7hxq
-url: https://github.com/rubygems.org/issues/2097
+url: https://github.com/advisories/GHSA-333g-rpr4-7hxq
 title: Code execution backdoor in doge-coin
 date: 2019-08-20
 description: |

gems/lita_coin/CVE-2019-15224.yml

@@ -2,7 +2,7 @@
 gem: lita_coin
 cve: 2019-15224
 ghsa: 333g-rpr4-7hxq
-url: https://github.com/rubygems.org/issues/2097
+url: https://github.com/advisories/GHSA-333g-rpr4-7hxq
 date: 2019-08-20
 title: Code execution backdoor in lita_coin
 description: |

gems/logstash/CVE-2014-4326.yml

@@ -2,7 +2,7 @@
 gem: logstash
 cve: 2014-4326
 ghsa: 8qhq-rq4j-8prj
-url: https://www.elastic.co/community/security
+url: https://web.archive.org/web/20140804031140/http://www.elasticsearch.org/blog/logstash-1-4-2
 title: Elasticsearch Logstash allows remote attackers to execute arbitrary commands
 date: 2022-05-14
 description: |
@@ -17,7 +17,6 @@ patched_versions:
 related:
   url:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4326
-    - https://www.elastic.co/community/security
     - https://web.archive.org/web/20140804031140/http://www.elasticsearch.org/blog/logstash-1-4-2
     - https://web.archive.org/web/20201207013408/http://www.securityfocus.com/archive/1/532841/100/0/threaded
     - https://github.com/advisories/GHSA-8qhq-rq4j-8prj

gems/mini_magick/CVE-2019-13574.yml

@@ -2,7 +2,7 @@
 gem: mini_magick
 cve: 2019-13574
 ghsa: r7j3-vvh2-xrpj
-url: https://benjamin-bouchet.com/blog/vulnerabilite-dans-la-gem-mini_magick-version-4-9-4/
+url: https://github.com/advisories/GHSA-r7j3-vvh2-xrpj
 title: Remote command execution via filename
 date: 2019-07-12
 description: |

gems/omniauth_amazon/CVE-2019-15224.yml

@@ -2,7 +2,7 @@
 gem: omniauth_amazon
 cve: 2019-15224
 ghsa: 333g-rpr4-7hxq
-url: https://github.com/rubygems.org/issues/2097
+url: https://github.com/advisories/GHSA-333g-rpr4-7hxq
 title: Code execution backdoor in omniauth_amazon
 date: 2019-08-20
 description: |

gems/passenger/CVE-2018-12026.yml

@@ -2,7 +2,7 @@
 gem: passenger
 cve: 2018-12026
 ghsa: 7cv3-gvmc-8mq5
-url: https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
+url: https://github.com/advisories/GHSA-7cv3-gvmc-8mq5
 title: SpawningKit exploits
 date: 2018-06-12
 description: |

gems/passenger/CVE-2018-12029.yml

@@ -2,7 +2,7 @@
 gem: passenger
 cve: 2018-12029
 ghsa: jjcj-fgfm-9g9r
-url: https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
+url: https://github.com/advisories/GHSA-jjcj-fgfm-9g9r
 title: CHMOD race vulnerability
 date: 2018-06-12
 description: |

gems/spree/CVE-2010-3978.yml

@@ -3,7 +3,7 @@ gem: spree
 cve: 2010-3978
 osvdb: 69098
 ghsa: hwrx-wc75-mgh7
-url: https://spreecommerce.com/blog/json-hijacking-vulnerability
+url: https://github.com/advisories/GHSA-hwrx-wc75-mgh7
 title:
   Spree Multiple Script JSON Request Validation Weakness Remote Information
   Disclosure

rubies/jruby/CVE-2010-1330.yml

@@ -2,7 +2,7 @@
 engine: jruby
 cve: 2010-1330
 osvdb: 77297
-url: http://jruby.org/2010/04/26/jruby-1-4-1-xss-vulnerability
+url: https://www.jruby.org/2010/04/26/jruby-1-4-1-xss-vulnerability
 title: 'CVE-2010-1330 jruby: XSS in the regular expression engine when processing
   invalid UTF-8 byte sequences'
 date: 2010-04-26

rubies/jruby/CVE-2011-4838.yml

@@ -2,7 +2,7 @@
 engine: jruby
 cve: 2011-4838
 osvdb: 78116
-url: http://jruby.org/2011/12/27/jruby-1-6-5-1
+url: https://www.jruby.org/2011/12/27/jruby-1-6-5-1
 title: "CVE-2011-4838 jruby: hash table collisions DoS (oCERT-2011-003)"
 date: 2011-12-27
 description: |

rubies/jruby/CVE-2012-5370.yml

@@ -2,7 +2,7 @@
 engine: jruby
 cve: 2012-5370
 osvdb: 87864
-url: http://jruby.org/2012/12/03/jruby-1-7-1
+url: https://www.jruby.org/2012/12/03/jruby-1-7-1
 title: "CVE-2012-5370 jruby: Murmur hash function collisions (oCERT-2012-001)"
 date: 2012-11-23
 description: |