Convert bson's vendor_patch to use related URLs instead

reedloden · reedloden · commit 2fd24d19bcc5 · 2018-07-11T14:04:43.000-07:00
Fixes #342.
diff --git a/gems/bson/CVE-2015-4412.yml b/gems/bson/CVE-2015-4412.yml
@@ -8,9 +8,11 @@ date: 2015-06-04
 description: >-
   A flaw in the ObjectId validation regular expression can enable attackers to inject arbitrary information into a given BSON object.
 
-vendor_patch: 
-  - https://github.com/mongodb/mongo-ruby-driver/compare/6ae981167759d5819ba3d41e374e5b2af5b79077~1...9859a3ab9773a8a883eb8438b665a921cc991c71
-  - https://github.com/mongodb/bson-ruby/compare/7446d7c6764dfda8dc4480ce16d5c023e74be5ca...28f34978a85b689a4480b4d343389bf4886522e7
 patched_versions:
   - "~> 1.12.3"
   - ">= 3.0.4"
+
+related:
+  url:
+    - https://github.com/mongodb/mongo-ruby-driver/compare/6ae981167759d5819ba3d41e374e5b2af5b79077~1...9859a3ab9773a8a883eb8438b665a921cc991c71
+    - https://github.com/mongodb/bson-ruby/compare/7446d7c6764dfda8dc4480ce16d5c023e74be5ca...28f34978a85b689a4480b4d343389bf4886522e7
