Your message dated Wed, 09 Jan 2013 21:48:22 +0000 with message-id <e1tt3vw-0003zw...@franck.debian.org> and subject line Bug#697802: fixed in ruby-actionpack-3.2 3.2.6-5 has caused the Debian Bug report #697802, regarding ruby-activerecord-3.2: CVE-2013-0155 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 697802: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697802 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ruby-activerecord-3.2 Severity: grave Tags: security Justification: user security hole Please see http://www.openwall.com/lists/oss-security/2013/01/08/13 "rails" from stable should not be affected, but please double-check. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: ruby-actionpack-3.2 Source-Version: 3.2.6-5 We believe that the bug you reported is fixed in the latest version of ruby-actionpack-3.2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 697...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Antonio Terceiro <terce...@debian.org> (supplier of updated ruby-actionpack-3.2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 09 Jan 2013 18:25:45 -0300 Source: ruby-actionpack-3.2 Binary: ruby-actionpack-3.2 Architecture: source all Version: 3.2.6-5 Distribution: unstable Urgency: high Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintain...@lists.alioth.debian.org> Changed-By: Antonio Terceiro <terce...@debian.org> Description: ruby-actionpack-3.2 - web-flow and rendering framework putting the VC in MVC (part of R Closes: 697802 Changes: ruby-actionpack-3.2 (3.2.6-5) unstable; urgency=high . * debian/patches/CVE-2013-0155.patch: fix Unsafe Query Generation Risk [CVE-2013-0155] (Closes: #697802) Checksums-Sha1: b6ed50d9b55ac5d8d9f99830a84f42d38377e862 1683 ruby-actionpack-3.2_3.2.6-5.dsc 3c49e0400f035dbb3df985916bb9d4b942a1e1d8 5064 ruby-actionpack-3.2_3.2.6-5.debian.tar.gz cddbe023f2fdb5ff3d8cec80f3e48c3c77c7e6ce 387692 ruby-actionpack-3.2_3.2.6-5_all.deb Checksums-Sha256: bab286a6c9d1950a6fcf337daffbb5c19923a98380f1be2a67f7f99678148383 1683 ruby-actionpack-3.2_3.2.6-5.dsc a0bd0b40a22cfa22e5af477d614b7e8a51ce4a6b53dd5b6099048c2fc8bdcfd9 5064 ruby-actionpack-3.2_3.2.6-5.debian.tar.gz 0b2010a716c3ac4452c03889dac63899152773e58055c2a0b84cf08167fe13f8 387692 ruby-actionpack-3.2_3.2.6-5_all.deb Files: ce874edee91e610cb8bb03a2d0e9106e 1683 ruby optional ruby-actionpack-3.2_3.2.6-5.dsc 77538e2a664bfe67aaa9552bc2b5e32c 5064 ruby optional ruby-actionpack-3.2_3.2.6-5.debian.tar.gz f5c030383d09ff395251b1f4a4179244 387692 ruby optional ruby-actionpack-3.2_3.2.6-5_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlDt44AACgkQDOM8kQ+cso9BTACfeAo/TVqNpU59Mutt+Nqw4fG0 LLIAoJERgXe8xN1OwgtJ1RJZdYrVu9v9 =53EM -----END PGP SIGNATURE-----
--- End Message ---
