Your message dated Mon, 02 Dec 2013 12:04:47 +0000
with message-id <e1vnsf5-0006vf...@franck.debian.org>
and subject line Bug#730190: fixed in ruby2.0 2.0.0.353-1
has caused the Debian Bug report #730190,
regarding ruby2.0: CVE-2013-4164: Heap Overflow in Floating Point Parsing
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
730190: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730190
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ruby1.9.1
Severity: grave
Tags: security
Hi,
The following vulnerability was published for ruby:
CVE-2013-4164: Heap Overflow in Floating Point Parsing
https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/
--- End Message ---
--- Begin Message ---
Source: ruby2.0
Source-Version: 2.0.0.353-1
We believe that the bug you reported is fixed in the latest version of
ruby2.0, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 730...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Antonio Terceiro <terce...@debian.org> (supplier of updated ruby2.0 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 25 Nov 2013 22:34:25 -0300
Source: ruby2.0
Binary: ruby2.0 libruby2.0 ruby2.0-dev ruby2.0-doc ruby2.0-tcltk
Architecture: source amd64 all
Version: 2.0.0.353-1
Distribution: unstable
Urgency: low
Maintainer: Antonio Terceiro <terce...@debian.org>
Changed-By: Antonio Terceiro <terce...@debian.org>
Description:
 libruby2.0 - Libraries necessary to run Ruby 2.0
 ruby2.0    - Interpreter of object-oriented scripting language Ruby
 ruby2.0-dev - Header files for compiling extension modules for the Ruby 2.0
 ruby2.0-doc - Documentation for Ruby 2.0
 ruby2.0-tcltk - Ruby/Tk for Ruby 2.0
Closes: 730190
Changes:
 ruby2.0 (2.0.0.353-1) unstable; urgency=low
 .
   * New upstream release
     + Includes fix for Heap Overflow in Floating Point Parsing (CVE-2013-4164)
       Closes: #730190
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
-----END PGP SIGNATURE-----
--- End Message ---