Accepted ruby-doorkeeper 4.4.2-1+deb10u1 (source all) into oldoldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted ruby-doorkeeper 4.4.2-1+deb10u1 (source all) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 12 Jul 2023 13:10:22 +0000
- Debian: DAK
- Debian-architecture: source all
- Debian-archive-action: accept
- Debian-changes: ruby-doorkeeper_4.4.2-1+deb10u1_amd64.changes
- Debian-source: ruby-doorkeeper
- Debian-suite: oldoldstable
- Debian-version: 4.4.2-1+deb10u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=miwNxJ0UZIuWnB7BwQNGVj/vqmSz8Ruadh2q94MXDio=; b=tUhqYmN2fO4UiTeDYprlnHqIzT mKIOf4CUkdpljTeHeJXoNWnu5gCnRoYJfoz3m/o4hViQQNn4nqvxed43JYs3M0SlGBrdKsonBkyiL RQPv2ENfeu2WBgcdhUkG4FyMFcrgBPtOK+7Z3orXWEkQv3kO4i8iC6KCoBPVG/5FWlSNOWBeh1U2l uznquy2g+37Ylq2lAgM0lTrzl28NUsF5ij/D3MjgNcyTtX3TCZoscKb52hZ410F6SgFG+m8P/vhcU 70IKkfQdFwW+c6gjdjl+lKGxvwi0akr20yAOxOvP5OqIZ6D4HrqMpp9qwb7tt2Jr4czAi7Kh3Kn4t XTFHvpJQ==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1qJZbq-00CKj3-Cz@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 07 Jul 2023 17:24:05 +0100
Source: ruby-doorkeeper
Binary: ruby-doorkeeper
Architecture: source all
Version: 4.4.2-1+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
ruby-doorkeeper - OAuth 2 provider for Rails and Grape
Closes: 1038950
Changes:
ruby-doorkeeper (4.4.2-1+deb10u1) buster-security; urgency=high
.
* Non-maintainer upload by the Debian LTS team.
* CVE-2023-34246: It was discovered that Doorkeeper automatically processed
authorization requests without user consent for public clients that have
been previously approved; public clients are inherently vulnerable to
impersonation as their identity cannot be assured. (Closes: #1038950)
Checksums-Sha1:
0ece4900e7f6654d22c3896a1a7483337eb538aa 2142 ruby-doorkeeper_4.4.2-1+deb10u1.dsc
8aa946fc778687ede70bbda5772ce26498bc0e28 117423 ruby-doorkeeper_4.4.2.orig.tar.gz
982d1c6bda97d41d9069b077d47b73c66041192a 4528 ruby-doorkeeper_4.4.2-1+deb10u1.debian.tar.xz
b2f71b1fad78854d4be91a4d165ed0340399cb6d 49596 ruby-doorkeeper_4.4.2-1+deb10u1_all.deb
2578e0335a62b7d3a7f6a765dbbe1257197810b1 10247 ruby-doorkeeper_4.4.2-1+deb10u1_amd64.buildinfo
Checksums-Sha256:
9d90d71e4274de3456c9c892135f5c54d96ba8e5ad8e1ef76554f6bc9b2377d7 2142 ruby-doorkeeper_4.4.2-1+deb10u1.dsc
fed606a0f01801bca3042c0b546b393c972fd7353785f1798f915e924bca7b99 117423 ruby-doorkeeper_4.4.2.orig.tar.gz
838bb40df447299fd444da52ad1e872dcfe9f219958a14a119c150916f587e01 4528 ruby-doorkeeper_4.4.2-1+deb10u1.debian.tar.xz
9c5c914a16eee4421078085e98b82b5c3d51f7a2007c87395676ea4d8754a0dc 49596 ruby-doorkeeper_4.4.2-1+deb10u1_all.deb
91cfe3d541c81eb30dff4b9a1f9f082783a3508db08968e91703f2b8b004c065 10247 ruby-doorkeeper_4.4.2-1+deb10u1_amd64.buildinfo
Files:
4e5720f33fb6d3c52615004a3b9a8a22 2142 ruby optional ruby-doorkeeper_4.4.2-1+deb10u1.dsc
5d6242a2044ee1bd17bb5db5ffe4cb93 117423 ruby optional ruby-doorkeeper_4.4.2.orig.tar.gz
79ecbf460b8d5a1f2c4ec8309bdb40c9 4528 ruby optional ruby-doorkeeper_4.4.2-1+deb10u1.debian.tar.xz
378682349a9bcf0b6ad6e5398731ddf4 49596 ruby optional ruby-doorkeeper_4.4.2-1+deb10u1_all.deb
1500e951e0893146ed93c76db301e50f 10247 ruby optional ruby-doorkeeper_4.4.2-1+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmSupDQACgkQHpU+J9Qx
HliAGw/+OOL6ae9AlNGZC5WURRmVts4676s29vx4DJDWTq916dcl1Dh0EnF+xBHs
/k9e2dyR2Qk0VyDctZQlnDZ3BlcDWGPmkubfJn4m87EIzs5wDK32f/Nph15b12i1
L7jYeyiclTGzdBFqOz+KSwyQJqvOciEIyxCnuD7QWtDHH3Pl+V4H7pWUtbkxRVW3
Adg5kTDj6vfwA1ofkEBuuMtnhzvfVnyycCwIBtD5+d21pzWgrO80rWAlrZJhSxTV
cvYV1jS5eU1mtoSADR+z2kmq4qtRqbQnOyp3wFQ3Svo8OBcw/qWQNOsT6gNdfFba
3H6q2cMCGQSNXk4wc9+R3kdvVvVL07FfiHVhBesmI/LEt+isitTNSaCREbO14Q8O
/nX2vU6sEfluzMly06sRYthyFHIIDeeViQpM1mbYwYoEsvuCk0wY/SBrl2INgLtA
ob4mWUGkCNWupKbCXaKmT0qZEdwTup3keQOTmBFNwetThiDJUe65V1g99lhXsZPS
sfr7DMX909C4T3076TFyCy3F4Dxcyy21CelQ513DfB4XakbMpLiV92XL3NRHdH2a
vcLXw0v1Bd+tYHXxPeCIIY2KRteb52bCzG9sFuR/KNbG6IHOuE39tDF6FTR4xN0j
tTpCW+rGfVr5h/dEKGfLtmYESe/FOT8ZZQid3S1bQBDkIPP28EA=
=iTD5
-----END PGP SIGNATURE-----