Accepted rails 2:4.2.5.1-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 28 Jan 2016 10:56:35 -0200
Source: rails
Binary: ruby-activesupport ruby-activerecord ruby-activemodel ruby-activejob ruby-actionview ruby-actionpack ruby-actionmailer ruby-railties ruby-rails rails
Architecture: source
Version: 2:4.2.5.1-1
Distribution: unstable
Urgency: high
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Antonio Terceiro <terceiro@debian.org>
Description:
rails - MVC ruby based framework geared for web application development (
ruby-actionmailer - email composition, delivery, and receiving framework (part of Rai
ruby-actionpack - web-flow and rendering framework putting the VC in MVC (part of R
ruby-actionview - framework for handling view template lookup and rendering (part o
ruby-activejob - job framework with pluggable queues
ruby-activemodel - toolkit for building modeling frameworks (part of Rails)
ruby-activerecord - object-relational mapper framework (part of Rails)
ruby-activesupport - Support and utility classes used by the Rails 4.1 framework
ruby-rails - MVC ruby based framework geared for web application development
ruby-railties - tools for creating, working with, and running Rails applications
Changes:
rails (2:4.2.5.1-1) unstable; urgency=high
.
* New upstream release. Includes fixes for the following several security
issues:
- [CVE-2015-7576] Timing attack vulnerability in basic authentication in
Action Controller.
- [CVE-2016-0751] Possible Object Leak and Denial of Service attack in
Action Pack
- [CVE-2015-7577] Nested attributes rejection proc bypass in Active Record.
- [CVE-2016-0752] Possible Information Leak Vulnerability in Action View
- [CVE-2016-0753] Possible Input Validation Circumvention in Active Model
- [CVE-2015-7581] Object leak vulnerability for wildcard controller routes
in Action Pack
Checksums-Sha1:
533ccfb78c5aae0ca449acdff1c3cb6935827284 2541 rails_4.2.5.1-1.dsc
417669dc39c34c4cc04224a17deeeb4e94943f93 4175926 rails_4.2.5.1.orig.tar.gz
525f9cc6ee420a772b389ac4e9b1aa0699f56a9e 89376 rails_4.2.5.1-1.debian.tar.xz
Checksums-Sha256:
9941d2707bf3079202ffd068e4440757d0e19c8e47001afca78ca875a4d3baab 2541 rails_4.2.5.1-1.dsc
713da4f88244101457b4de5d08007f4b373cb43c3982d72de70bb5c5145afb46 4175926 rails_4.2.5.1.orig.tar.gz
78879268308b353331c30c3cd77286af137932694153f149465b6abb0dadaba5 89376 rails_4.2.5.1-1.debian.tar.xz
Files:
98985071b83cba77489ccc108c3ae8d1 2541 ruby optional rails_4.2.5.1-1.dsc
722f5665e01ad69968001d168a7fbb1b 4175926 ruby optional rails_4.2.5.1.orig.tar.gz
0be1048e77e2c6f9ba32b8a19d279406 89376 ruby optional rails_4.2.5.1-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJWqhIJAAoJEPwNsbvNRgveRncP/0TfzDIX3tR58WBOgBMxkfK/
kg1fOvOQXbm1jy5v7Je/8hzNS+6o98R4Kom8uoZhU4xWkoUzUl0QorlRH96aMzwo
qXyaB3D/m1zSTMAYtUTvp46iKuZrtuPRSKrhGRqWrwz76Z4gh5MTyUPh/VriCJgW
3ZIPZPgZDgt0e3DYqzlKn1A+N9+tXempQjL8Q3MftmS6GyJ4ZM7g0R0q8BhN9mit
HP2rSpx0A+GL6nBopMNv5jlUCr3U8R98haN7beyj5c6Zzgju9oG6Xpb8MyuiptYj
ZrezBN8VRBPQJRl/bCsA7txRXSJAy7ndrBz4aHByGeS3zrPic7TEPLeiWW1BWF+D
HQbm4G+RVMdUlt6CLLHuoHqAunWkl4jhYIs3fZ/HsJhfdvMtnEb9GYnqvvVnzwC/
apV+if2suQsV0ikdeu4ILO0p3z/ewY2pSmxkHQHCRHY+6XayFz3BBe2oAsiLPMzd
VYVm7V/WCSvjHo2UizpHsxv3JLeN8Ad+6hsYTIMcrd9uP2bwCmAQOFGGzU27D+Yk
f5F1wcpQhjczireLw4pZqobZsGi8jK7+4MA2YyuXEzMUbhhs7X1a3tYNuR64/D5c
/VD4y593pv2LLPP8N+rQYRd+PHudSDl70jdz/6UkwdmKOVAqnpmWvrCfo4Z19vkr
6fxcdvAcXgZjhqjk8Utl
=mlw+
-----END PGP SIGNATURE-----