Your message dated Wed, 17 Oct 2012 23:03:02 +0000 with message-id <e1tocdi-00044v...@franck.debian.org> and subject line Bug#690670: fixed in ruby1.9.1 1.9.3.194-3 has caused the Debian Bug report #690670, regarding ruby1.9.1: CVE-2012-4522 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 690670: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690670 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ruby1.9.1 Severity: grave Tags: security Justification: user security hole Please see http://www.ruby-lang.org/en/news/2012/10/12/poisoned-NUL-byte-vulnerability/ The advisory doesn't mention Ruby 1.8, can you please double-check, whether it is affected? Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: ruby1.9.1 Source-Version: 1.9.3.194-3 We believe that the bug you reported is fixed in the latest version of ruby1.9.1, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 690...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Antonio Terceiro <terce...@debian.org> (supplier of updated ruby1.9.1 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 16 Oct 2012 10:27:20 -0300 Source: ruby1.9.1 Binary: ruby1.9.1 libruby1.9.1 libruby1.9.1-dbg ruby1.9.1-dev libtcltk-ruby1.9.1 ruby1.9.1-examples ri1.9.1 ruby1.9.1-full ruby1.9.3 Architecture: source all amd64 Version: 1.9.3.194-3 Distribution: unstable Urgency: high Maintainer: akira yamada <ak...@debian.org> Changed-By: Antonio Terceiro <terce...@debian.org> Description: libruby1.9.1 - Libraries necessary to run Ruby 1.9.1 libruby1.9.1-dbg - Debugging symbols for Ruby 1.9.1 libtcltk-ruby1.9.1 - Tcl/Tk interface for Ruby 1.9.1 ri1.9.1 - Ruby Interactive reference (for Ruby 1.9.1) ruby1.9.1 - Interpreter of object-oriented scripting language Ruby ruby1.9.1-dev - Header files for compiling extension modules for the Ruby 1.9.1 ruby1.9.1-examples - Examples for Ruby 1.9 ruby1.9.1-full - Ruby 1.9.1 full installation ruby1.9.3 - Interpreter of object-oriented scripting language Ruby, version 1 Closes: 690670 Changes: ruby1.9.1 (1.9.3.194-3) unstable; urgency=high . * debian/patches/CVE-2012-4522.patch: avoid vulnerability with strings containing NUL bytes passed to file creation methods. This fixes CVE-2012-4522 (Closes: #690670). Checksums-Sha1: 2e22f6c105a6de39596371fd71e8e220eea06d71 1994 ruby1.9.1_1.9.3.194-3.dsc 1e787f20ef63874dd7f00292c280d23d1a596568 52410 ruby1.9.1_1.9.3.194-3.debian.tar.gz 92d45f393d7664ac3a77420d62f3fa87f31e6f7c 232718 ruby1.9.1-examples_1.9.3.194-3_all.deb f7de06b696a3cfccd78c97d3121fb82fa74e3b29 2172584 ri1.9.1_1.9.3.194-3_all.deb 90401f1dff850e074a35adf2809cd686ea84b004 170788 ruby1.9.1-full_1.9.3.194-3_all.deb d5cd424678affdeaf5258eb0b3192d611c4bde59 171352 ruby1.9.3_1.9.3.194-3_all.deb 12ab27e643240f9427119a46ae606eaf444e58f9 207706 ruby1.9.1_1.9.3.194-3_amd64.deb cda0bc54c33d75e80d4c72b34b4ab35894f15657 4414158 libruby1.9.1_1.9.3.194-3_amd64.deb 90c73ec9a9dd55af8fb55a508ec4f5ae2ed27cee 4561792 libruby1.9.1-dbg_1.9.3.194-3_amd64.deb 979d73f9a5f6f67a7f890cd5aff6b6d827c8a645 1383170 ruby1.9.1-dev_1.9.3.194-3_amd64.deb 650541dca36b100453768a2c9f578ae2340ddd76 1958922 libtcltk-ruby1.9.1_1.9.3.194-3_amd64.deb Checksums-Sha256: 63c3ca283211690b3b4985d8a341c4a9bec7ca0bd61a2464e04f5f46632e8950 1994 ruby1.9.1_1.9.3.194-3.dsc 87e37bccf59c08f2d225d824f2e7f7f56615c2873104486453213aa69d7b5e09 52410 ruby1.9.1_1.9.3.194-3.debian.tar.gz 646f09720504155b7b9dd2ce0ef3da20dd63452c39d9bfc185e4355b9059a5ae 232718 ruby1.9.1-examples_1.9.3.194-3_all.deb 2f248e9954a8a92e90061b04ecdbd86241f2d4afa1798c1974ea0dc0be2f3441 2172584 ri1.9.1_1.9.3.194-3_all.deb fb27c6dadcad2aaf60c59e28bec360219f62d3b68b0a0f0d2a2a267db9286964 170788 ruby1.9.1-full_1.9.3.194-3_all.deb e70734b02c1f6bf2671762726a302ec8bd339a73958ff70f5398fc5865882434 171352 ruby1.9.3_1.9.3.194-3_all.deb b4a27e5fda38e08e94158205ccdd349ee648b1a8cda8795649cd179e29b954b1 207706 ruby1.9.1_1.9.3.194-3_amd64.deb c870b57babcd28b3fa0666d6219d74e8054c2955486503fa235456da8c0722cb 4414158 libruby1.9.1_1.9.3.194-3_amd64.deb aa38056b00333da4e5cde928f571e37df0eb7c08c26449c491975898a0b9c528 4561792 libruby1.9.1-dbg_1.9.3.194-3_amd64.deb c93ad48b0c197ffb0017860fcfbb944328122e63341f59e6705383eb39037faa 1383170 ruby1.9.1-dev_1.9.3.194-3_amd64.deb 47fa0d2c170e3cf0405ed7f1ff28e0e35cde2c25c716727faaddd789c7cab941 1958922 libtcltk-ruby1.9.1_1.9.3.194-3_amd64.deb Files: a3221c7c641936715ee8425fb2e172e5 1994 ruby optional ruby1.9.1_1.9.3.194-3.dsc 6699b61b2945d6b9ae8217ddfccff615 52410 ruby optional ruby1.9.1_1.9.3.194-3.debian.tar.gz 5da6afb595418999f1b47a8fe5337318 232718 ruby optional ruby1.9.1-examples_1.9.3.194-3_all.deb 55661e0fcaf299c8badec1b931f3af15 2172584 ruby optional ri1.9.1_1.9.3.194-3_all.deb e171b196dd4cb22eafd2bf31c6a22ae8 170788 ruby optional ruby1.9.1-full_1.9.3.194-3_all.deb ffccbaaf374348816a7e93050b0670f0 171352 ruby optional ruby1.9.3_1.9.3.194-3_all.deb 1a1ea0d3145b6b0a9aa6cfff58df9516 207706 ruby optional ruby1.9.1_1.9.3.194-3_amd64.deb 81861451ef196b81af9b5b45abc6b8f0 4414158 libs optional libruby1.9.1_1.9.3.194-3_amd64.deb 529ad826f07e5e3ccf1ccb40314f96e1 4561792 debug extra libruby1.9.1-dbg_1.9.3.194-3_amd64.deb 0f26a4b96934ed3f5e0fc36bd05761dc 1383170 ruby optional ruby1.9.1-dev_1.9.3.194-3_amd64.deb f981de7bc4eca7de2aba498b012c0405 1958922 ruby optional libtcltk-ruby1.9.1_1.9.3.194-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlB/NZAACgkQDOM8kQ+cso8ycACggejQI1epHnB2Z9/Prf+g4OUJ WQkAn37Tec+3i6IxKhdU2vHMbsnZzgWE =IVFQ -----END PGP SIGNATURE-----
--- End Message ---
