Accepted ruby2.3 2.3.3-1+deb9u2 (source amd64 all) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 22 Oct 2017 12:45:48 -0200
Source: ruby2.3
Binary: ruby2.3 libruby2.3 ruby2.3-dev ruby2.3-doc ruby2.3-tcltk
Architecture: source amd64 all
Version: 2.3.3-1+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Antonio Terceiro <terceiro@debian.org>
Changed-By: Antonio Terceiro <terceiro@debian.org>
Description:
libruby2.3 - Libraries necessary to run Ruby 2.3
ruby2.3 - Interpreter of object-oriented scripting language Ruby
ruby2.3-dev - Header files for compiling extension modules for the Ruby 2.3
ruby2.3-doc - Documentation for Ruby 2.3
ruby2.3-tcltk - Ruby/Tk for Ruby 2.3
Closes: 875928 875931 875936 876377 879231
Changes:
ruby2.3 (2.3.3-1+deb9u2) stretch-security; urgency=high
.
* asn1: fix out-of-bounds read in decoding constructed objects
[CVE-2017-14033] (Closes: #875928)
Original patch by Kazuki Yamaguchi; backported from the standalone openssl package
* lib/webrick/log.rb: sanitize any type of logs
[CVE-2017-10784] (Closes: #875931)
Original patch by Yusuke Endoh; backported to Ruby 2.3 by Usaku NAKAMURA
* fix Buffer underrun vulnerability in Kernel.sprintf
[CVE-2017-0898] (Closes: #875936)
Backported to Ruby 2.3 by Usaku NAKAMURA
* Whitelist classes and symbols that are in Gem spec YAML
[CVE-2017-0903] (Closes: #879231)
Original patch by Aaron Patterson; backported from the standalone Rubygems
package
* thread_pthread.c: do not wakeup inside child processes
Avoid child Ruby processed being stuck in a busy loop (Closes: #876377)
Original patch by Eric Wong
Checksums-Sha1:
fc2239753ec5a97c0033669260c38404b033bc89 2503 ruby2.3_2.3.3-1+deb9u2.dsc
9392e4fac0a593c277f6b9402b0c951272ccabea 101656 ruby2.3_2.3.3-1+deb9u2.debian.tar.xz
54e0e758b6cf8fd9d378e3b23fd244d1b2a633ba 4605396 libruby2.3-dbgsym_2.3.3-1+deb9u2_amd64.deb
9c6b7dcc9a8dd007945e86262f8a94031a7381e8 3107924 libruby2.3_2.3.3-1+deb9u2_amd64.deb
a1ea5960d3abc6b4d0536d19cb1d566b129ff3f3 5220 ruby2.3-dbgsym_2.3.3-1+deb9u2_amd64.deb
b597042769944f9badb8c5f3c61630ae466ebe30 1178978 ruby2.3-dev_2.3.3-1+deb9u2_amd64.deb
6f1ac5dc45a13a762b136273e2bedb925bfa637a 3512074 ruby2.3-doc_2.3.3-1+deb9u2_all.deb
ad377c0a3d547f94e5aaab6d650a7ff493fe6d3a 193486 ruby2.3-tcltk-dbgsym_2.3.3-1+deb9u2_amd64.deb
826a6c7e18a9b1d67d810c21b7b2e22ab5b36e75 421734 ruby2.3-tcltk_2.3.3-1+deb9u2_amd64.deb
752d848843e0f462fe4885c08d94224ad030a4bd 10438 ruby2.3_2.3.3-1+deb9u2_amd64.buildinfo
0d7262d3f312379a98b0e3a61dab9567f4bbbcf9 187302 ruby2.3_2.3.3-1+deb9u2_amd64.deb
Checksums-Sha256:
d778479ae0bc2fe196d8ea7737581346311032e56bcac8e5e59d4ce145a1b041 2503 ruby2.3_2.3.3-1+deb9u2.dsc
1ecfd9d44396afcddaa349f87af1fd82ce2ccfe610f7ff1eb71fca8d69365595 101656 ruby2.3_2.3.3-1+deb9u2.debian.tar.xz
3284f4a8cfb768da7be774f11046fd137623d5f595e314c1a4f778ba77609e67 4605396 libruby2.3-dbgsym_2.3.3-1+deb9u2_amd64.deb
96f76e6cc5ebbbe8f641b87225f2ddd3181ed8f911d398869410fd1433f2c3e5 3107924 libruby2.3_2.3.3-1+deb9u2_amd64.deb
2b6f776129d69acf337c7d36fad5eb0365e38e0860f0a2e52600835927ae2dc1 5220 ruby2.3-dbgsym_2.3.3-1+deb9u2_amd64.deb
4cf5b34f55080513f2bc6d2b858bb931670c1ca47854ce4bb18cc1efbd1710aa 1178978 ruby2.3-dev_2.3.3-1+deb9u2_amd64.deb
7250d38b09c3f1b7c503d7fb216c17f0d16ad84ccce3ad92f8879be1bc5ebd2d 3512074 ruby2.3-doc_2.3.3-1+deb9u2_all.deb
b609eac308ea13b266527f7481400d509de24e31a10b21e0875b8843bf8d388a 193486 ruby2.3-tcltk-dbgsym_2.3.3-1+deb9u2_amd64.deb
1c835445a1f2a483b7c1c991258c41a8d28ab9d888e7ffa7835c60400bf74fc0 421734 ruby2.3-tcltk_2.3.3-1+deb9u2_amd64.deb
069ac11dc8330b315ed4d5f2c0c551e77c2816f44fa2ca3d1fea2c4b6becf3ed 10438 ruby2.3_2.3.3-1+deb9u2_amd64.buildinfo
57c58081129c16005baeb591b23839541cbe3445ff873211b18bff63637993d5 187302 ruby2.3_2.3.3-1+deb9u2_amd64.deb
Files:
51e216e75018504d050a6b1e7294652d 2503 ruby optional ruby2.3_2.3.3-1+deb9u2.dsc
36c9812418be88cd206d34031d498cbb 101656 ruby optional ruby2.3_2.3.3-1+deb9u2.debian.tar.xz
75e8a3a9893bd2f42f0756e19ce02d2a 4605396 debug extra libruby2.3-dbgsym_2.3.3-1+deb9u2_amd64.deb
423fe6f9c315c34f55e0c8a14479366f 3107924 libs optional libruby2.3_2.3.3-1+deb9u2_amd64.deb
116c2ffa0f00a2456addf3b6904470d0 5220 debug extra ruby2.3-dbgsym_2.3.3-1+deb9u2_amd64.deb
2316a3c3bca8e8a41e7fc8d4cf3c5ae7 1178978 ruby optional ruby2.3-dev_2.3.3-1+deb9u2_amd64.deb
adba35efe792b47ba689959d01bebe99 3512074 doc optional ruby2.3-doc_2.3.3-1+deb9u2_all.deb
afb7f367e072f990f1323ff249df2c77 193486 debug extra ruby2.3-tcltk-dbgsym_2.3.3-1+deb9u2_amd64.deb
cf32242176e6171cb33a2177527cc3ec 421734 ruby optional ruby2.3-tcltk_2.3.3-1+deb9u2_amd64.deb
efffe6b39a0ab676da405989f2d6ea96 10438 ruby optional ruby2.3_2.3.3-1+deb9u2_amd64.buildinfo
cc5a12044ffd2fe035005c22e312629b 187302 ruby optional ruby2.3_2.3.3-1+deb9u2_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEst7mYDbECCn80PEM/A2xu81GC94FAloB6gQACgkQ/A2xu81G
C94K3BAAtr/wjjKciR9DeendO3iFQRNxhegngn1oIU8HnrchWdDl2IQGPfF8HJLy
KBkI8iPW6I57pxtk0uMOLkYE1vlCqZSFOFZ2yCVDWaHRqOS+r2O5mRxfSCjoWkiH
NPh/B85uy/iNMsg5F9m3RMYh8/m6DHmmxPv5RqTf+1dHu5YXtaziCFSUk37COE1j
tsgLvgnM8GaTM4p2mKdD52hMieeeB6cI6MBCHt98Jm9wSx644/9pO3gPr0bniplz
u4NNkC2Fo2IZGoAaiqeM3qooXQemEkb70eQwwRZVN8IXHgo3mRbNRXoY1SkvylCo
B1ZrMFdRusiBaOXBHJiZNqcgO0dlN0mK/SZ5H8OOhwxN9YySDbLXAp3oSsQDaeZF
p/tYHNNEZW9VvoRm6xPPxTbDNkb5/66nnO+QK+IUru+zdWXoVpbSGhFKiFzJiLm2
v7pUwWUFfhrq7/ZG68QV1PXP4/2zTzZlQJd6jao1jAV/M1Qy3S/lfKbRZ7w890j9
usezaAfZMqVOToDJYRW76Z8/H2GLjgw95crRkxXGovLY8AeX76qjY5YYZim8hxrh
bq4flRhFzkeMbS6y1Yn6p0/V8jE0XtEdgW4Znch8eBblz868View8zjtCo9mO3Wp
MtgQVlBerOAtnijO8iiXfEl1CfiJFbmoqmd0kBXwvHM68/cvNfk=
=rnTR
-----END PGP SIGNATURE-----