Hi, On Sun, Jan 20, 2013 at 6:13 AM, Youhei SASAKI <uwab...@gfd-dennou.org> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Dear team member: > (Cc: BTS, security team) > > I created cherry-picked patches from upstream, in order to fix these CVE > issues and commit team git repository. Please review for upload.
Looks good to me. > > Vcs-Git: git://git.debian.org/pkg-ruby-extras/ruby-rack.git > Vcs-Browser: > http://git.debian.org/?p=pkg-ruby-extras/ruby-rack.git;a=summary > > BTW, I don't know these issues affect stable packages, > librack-ruby{,1.8,1.9.1}, ver. 1.1.0-4. I seem to need 0003-Reimplement-auth-scheme-fix.patch. Please consult about this to security team. > > # We have dropped them from SVN repos. Thus we should import them into > # team Git repos. > > P.S. Thanks Moritz! > > At 18 Jan 2013 15:55:23 +0100, > "Moritz Muehlenhoff" <j...@inutil.org> wrote: >> >> Package: ruby-rack >> Severity: grave >> Tags: security >> Justification: user security hole >> >> Please see these links for details: >> http://seclists.org/oss-sec/2013/q1/80 >> http://seclists.org/oss-sec/2013/q1/83 >> > > Best Wishes, > - --- > Youhei SASAKI <uwab...@gfd-dennou.org> > <uwab...@debian.or.jp> > GPG fingerprint: > 4096/RSA: 66A4 EA70 4FE2 4055 8D6A C2E6 9394 F354 891D 7E07 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.12 (GNU/Linux) > > iQIcBAEBCgAGBQJQ+wxnAAoJEJOU81SJHX4HrewP/3goc7fyxCGG4o8ZoECNjV7Z > zCKE/ya6aRVqvcFEBbSrvo/nh+QZdmMbLb2mu68PV8iEdsa7zYuxH+uGMv5brckN > ST4dOAyUIfAvTBfusgsIDZaJWkOI/5w5t6Cv3hEr5wbBikvkyee40xCrkDklYoU3 > Y0/rSsjoIf5CUQwZ9XrSVbf5Z/Jy1RY9mXCJOygQXRwztYPbO8hawO2sv73MQM4W > stTViWues7IgnjAEDPrtYOU3d35bx0MgDwfxcqXr9nDIz6TsnCX34FNiWl9Zw4Lc > 6sJhUVKpCImTTwaHSRtvg/HWH75L+qLh6W8isscyh2qR3ZfFRmMgjPcm9Y/X56LI > 0KPUuwuQQkOi6dgyY8jR6fk03Bwh1KpnJWfwUvPYHQX9IF5iRJbsfKuyqrqs2HQC > Sv5xrp0eedoxs7Jh9hq4MMAwioM6r3/KtYUB0gyc4/6GxiPnLwGJtH3jcphCjju6 > BFyNRVsBc9oS/sH4Npor7Urr7KsMo8SeSmoJLPbqVwPVfbDLgL2LFOr5d3RLXqlU > efJ2XxtIRqPMkzWoBZlWdKoxp3eQ08AMSeRhgJR+7ZG0+j7biSuM2nhRtF1AhVDp > rq3mUzfBQi7MEw4cSFoGHIZVXj5SIX8Mlhou1si5OAww8qbPPx36HvNbxBDXoD4l > EHLfuZ4hvyyg+0DVwtJi > =u1mW > -----END PGP SIGNATURE----- > > _______________________________________________ > Pkg-ruby-extras-maintainers mailing list > pkg-ruby-extras-maintain...@lists.alioth.debian.org > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers Best regards, Nobuhiro -- Nobuhiro Iwamatsu iwamatsu at {nigauri.org / debian.org} GPG ID: 40AD1FA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
