Back to ruby2.5 PTS page

Accepted ruby2.5 2.5.5-3+deb10u4 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted ruby2.5 2.5.5-3+deb10u4 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sat, 05 Feb 2022 19:03:12 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1nGQL2-0007sS-Ju@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 16 Jan 2022 19:56:28 +0530
Source: ruby2.5
Architecture: source
Version: 2.5.5-3+deb10u4
Distribution: buster-security
Urgency: high
Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Utkarsh Gupta <utkarsh@debian.org>
Changes:
 ruby2.5 (2.5.5-3+deb10u4) buster-security; urgency=high
 .
   * Add patch to use File.open to fix the OS Command
     Injection vulnerability. (Fixes: CVE-2021-31799)
   * Add patch to fix StartTLS stripping vulnerability.
     (Fixes: CVE-2021-32066)
   * Add patch to ignore IP addresses in PASV responses
     by default. (Fixes: CVE-2021-31810)
   * Add length limit option for methods that parses
     date strings. (Fixes: CVE-2021-41817)
   * When parsing cookies, only decode the values.
     (Fixes: CVE-2021-41819)
   * Add patch to backport rexml upstream bug fixes.
     (Fixes: CVE-2021-28965)
Checksums-Sha1:
 d157c9911db77f02c0d7a32d12de6f05b568d9e5 2482 ruby2.5_2.5.5-3+deb10u4.dsc
 c477ffe8f8ed605036df6c8892bd3c800b8e9722 10208264 ruby2.5_2.5.5.orig.tar.xz
 f1d779f5feda98ada6063ac8973175695b4ba191 134840 ruby2.5_2.5.5-3+deb10u4.debian.tar.xz
 08140baa34ab50a0b398023a590c8181bba77a01 6538 ruby2.5_2.5.5-3+deb10u4_source.buildinfo
Checksums-Sha256:
 4f24aabab7c7000a37c467d136695539875265b59520786982886e0c8cffe621 2482 ruby2.5_2.5.5-3+deb10u4.dsc
 a49a222bbeeeb0191ae043a509cd05137869f971a33fef74d3c0aaae95170877 10208264 ruby2.5_2.5.5.orig.tar.xz
 cf9d286b71862c68b6e55541e03cca49584616b68d5c61da284c42e19c07f9d0 134840 ruby2.5_2.5.5-3+deb10u4.debian.tar.xz
 be6690c1e64e215331199052d69a5fa6854f44a4fe49eddfb701cf6117c09874 6538 ruby2.5_2.5.5-3+deb10u4_source.buildinfo
Files:
 e0813a39715345d3539f21bae969eacb 2482 ruby optional ruby2.5_2.5.5-3+deb10u4.dsc
 9a1922884905ac8be7ddf8de1408472d 10208264 ruby optional ruby2.5_2.5.5.orig.tar.xz
 48083b8970b0941357f2e6b5ee7a33d5 134840 ruby optional ruby2.5_2.5.5-3+deb10u4.debian.tar.xz
 1521a65a287b3c704f56597bc4f4c80d 6538 ruby optional ruby2.5_2.5.5-3+deb10u4_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmH5IwYTHHV0a2Fyc2hA
ZGViaWFuLm9yZwAKCRCCPpZ2BsNLlv33D/4yPVUr2cC8YyXwoBPo65tc79Pz9pII
6JSro6hVyqkv1NKlc0kcuqhU1RlMuJS+2QooswW3HfTziniM+ryZ/Ya2g0jxaq1Y
esgWi2cDdsf1kC0cDaAfMzSAaM1K4qUo/7cYEcFqfWYRTBTlAaMrz7Urwex+azjl
49DC1/iPg8Lc/nH3YDu7aNH2e3p3iAPl01Gdf/+3WCrzB0VWQHwCOPPKdXnC4O1w
5iY0bqtAg8kz2Yq6Q6qwQFKNsIZhb+yB/KTABUsDA++Q3MCr3Fzy9IM/P+9Zhiev
iRXYnDNNzfAevwXvz3K+D97Athf1tZlhXaaM1gdZcY80+28+124B+/CueGl+UxtQ
uu+sdJUjk2FiGv9LdjdD73yrK35zRruNWE1aNhTwZDuP1xYgwADSuI+hJXrvaF32
pWI52/EG6alz1/XJCyfJ0KHffNJNMs9zA6H8ZIyDpO0+VOUEl/vD6Lb3il+O0omD
j61Ykht1lvc6GMFcHvd8vCcf50VN04JCfzYwVF/q2djQ6wZUCY8eOqJGqjb8EKjB
p9m8RRP7iGLvZJNcumsw8U5p/+ruzOEexdZBDr9reQB9EhhyqW/F0MvQc/6i/wgR
KjpTBb7IqrbkidYQXH3cdPnL6GPFJaN+Yu/vAdIzyp4xUa2A2qDfBWiq1uuTEUjb
1i5ZEQlAu7s9uA==
=HQW+
-----END PGP SIGNATURE-----