-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Dear team member: (Cc: BTS, security team)
I created cherry-picked patches from upstream, in order to fix these CVE issues and commit team git repository. Please review for upload. Vcs-Git: git://git.debian.org/pkg-ruby-extras/ruby-rack.git Vcs-Browser: http://git.debian.org/?p=pkg-ruby-extras/ruby-rack.git;a=summary BTW, I don't know these issues affect stable packages, librack-ruby{,1.8,1.9.1}, ver. 1.1.0-4. # We have dropped them from SVN repos. Thus we should import them into # team Git repos. P.S. Thanks Moritz! At 18 Jan 2013 15:55:23 +0100, "Moritz Muehlenhoff" <j...@inutil.org> wrote: > > Package: ruby-rack > Severity: grave > Tags: security > Justification: user security hole > > Please see these links for details: > http://seclists.org/oss-sec/2013/q1/80 > http://seclists.org/oss-sec/2013/q1/83 > Best Wishes, - --- Youhei SASAKI <uwab...@gfd-dennou.org> <uwab...@debian.or.jp> GPG fingerprint: 4096/RSA: 66A4 EA70 4FE2 4055 8D6A C2E6 9394 F354 891D 7E07 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJQ+wxnAAoJEJOU81SJHX4HrewP/3goc7fyxCGG4o8ZoECNjV7Z zCKE/ya6aRVqvcFEBbSrvo/nh+QZdmMbLb2mu68PV8iEdsa7zYuxH+uGMv5brckN ST4dOAyUIfAvTBfusgsIDZaJWkOI/5w5t6Cv3hEr5wbBikvkyee40xCrkDklYoU3 Y0/rSsjoIf5CUQwZ9XrSVbf5Z/Jy1RY9mXCJOygQXRwztYPbO8hawO2sv73MQM4W stTViWues7IgnjAEDPrtYOU3d35bx0MgDwfxcqXr9nDIz6TsnCX34FNiWl9Zw4Lc 6sJhUVKpCImTTwaHSRtvg/HWH75L+qLh6W8isscyh2qR3ZfFRmMgjPcm9Y/X56LI 0KPUuwuQQkOi6dgyY8jR6fk03Bwh1KpnJWfwUvPYHQX9IF5iRJbsfKuyqrqs2HQC Sv5xrp0eedoxs7Jh9hq4MMAwioM6r3/KtYUB0gyc4/6GxiPnLwGJtH3jcphCjju6 BFyNRVsBc9oS/sH4Npor7Urr7KsMo8SeSmoJLPbqVwPVfbDLgL2LFOr5d3RLXqlU efJ2XxtIRqPMkzWoBZlWdKoxp3eQ08AMSeRhgJR+7ZG0+j7biSuM2nhRtF1AhVDp rq3mUzfBQi7MEw4cSFoGHIZVXj5SIX8Mlhou1si5OAww8qbPPx36HvNbxBDXoD4l EHLfuZ4hvyyg+0DVwtJi =u1mW -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
