Your message dated Thu, 05 Dec 2013 22:17:05 +0000 with message-id <e1voheh-0000xi...@franck.debian.org> and subject line Bug#730189: fixed in ruby1.8 1.8.7.358-7.1+deb7u1 has caused the Debian Bug report #730189, regarding ruby1.8: CVE-2013-4164: Heap Overflow in Floating Point Parsing to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 730189: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730189 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ruby1.9.1 Severity: grave Tags: security Hi, The follow vulnerability was published for ruby: CVE-2013-4164: Heap Overflow in Floating Point Parsing https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/
--- End Message ---
--- Begin Message ---Source: ruby1.8 Source-Version: 1.8.7.358-7.1+deb7u1 We believe that the bug you reported is fixed in the latest version of ruby1.8, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 730...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Antonio Terceiro <terce...@debian.org> (supplier of updated ruby1.8 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 01 Dec 2013 23:22:26 -0300 Source: ruby1.8 Binary: ruby1.8 libruby1.8 libruby1.8-dbg ruby1.8-dev libtcltk-ruby1.8 ruby1.8-examples ri1.8 ruby1.8-full Architecture: source all amd64 Version: 1.8.7.358-7.1+deb7u1 Distribution: stable-security Urgency: high Maintainer: akira yamada <ak...@debian.org> Changed-By: Antonio Terceiro <terce...@debian.org> Description: libruby1.8 - Libraries necessary to run Ruby 1.8 libruby1.8-dbg - Debugging symbols for Ruby 1.8 libtcltk-ruby1.8 - Tcl/Tk interface for Ruby 1.8 ri1.8 - Ruby Interactive reference (for Ruby 1.8) ruby1.8 - Interpreter of object-oriented scripting language Ruby 1.8 ruby1.8-dev - Header files for compiling extension modules for the Ruby 1.8 ruby1.8-examples - Examples for Ruby 1.8 ruby1.8-full - Ruby 1.8 full installation Closes: 730189 Changes: ruby1.8 (1.8.7.358-7.1+deb7u1) stable-security; urgency=high . [ Raphaƫl Hertzog ] * debian/patches/CVE-2013-4164.patch: New patch to fix heap overflow in floating point parsing (Closes: #730189) Thanks to Moritz Muehlenhoff for the patch. . [ Antonio Terceiro ] * debian/patches/CVE-2013-4073: fix regression that introduced syntax errors in test/openssl/test_ssl.rb, breaking the execution of the test suite during the package build. Checksums-Sha1: 23d7d3c2542d59e4aa0332f02e81c8cc07b20525 2564 ruby1.8_1.8.7.358-7.1+deb7u1.dsc a20a66ec6d7d7ce13b621941a0e0c8c5240b584a 4895206 ruby1.8_1.8.7.358.orig.tar.gz 2965675190008bb5d955d3e7b0bb37b31fb77e3d 61846 ruby1.8_1.8.7.358-7.1+deb7u1.debian.tar.gz 95a31356dfec5e7b0ee9cbbade84ed5e4a45ed6f 345742 ruby1.8-examples_1.8.7.358-7.1+deb7u1_all.deb 81f1340757f2187b476bdd7b89880bfeaedb8e8c 1431254 ri1.8_1.8.7.358-7.1+deb7u1_all.deb a8c6f49ae112d7f1ddaf3099469773a24f4bc51b 284206 ruby1.8-full_1.8.7.358-7.1+deb7u1_all.deb d573679d4cf6a760611cc4b7227faa99e8d169ad 320204 ruby1.8_1.8.7.358-7.1+deb7u1_amd64.deb af3bca32fb8a1338f0c4dec4a162e2d4c956b085 2090618 libruby1.8_1.8.7.358-7.1+deb7u1_amd64.deb 2c4074731e15a0a15e189facccaedd0bc5fa126e 1739244 libruby1.8-dbg_1.8.7.358-7.1+deb7u1_amd64.deb 261f619bd1e311b52bf16ca1561e24ad5bc02294 911304 ruby1.8-dev_1.8.7.358-7.1+deb7u1_amd64.deb be112ef162215918272ef3247b05760d0f57058f 2036944 libtcltk-ruby1.8_1.8.7.358-7.1+deb7u1_amd64.deb Checksums-Sha256: 733b0090d29696dfacbaf356a7945c5066743bc9d4f1e97942bdba5fc0c02c50 2564 ruby1.8_1.8.7.358-7.1+deb7u1.dsc 9e0856d58830e08f1e38233947d859898ae09d4780cb1a502108e41308de33cb 4895206 ruby1.8_1.8.7.358.orig.tar.gz 64bfbc4e2eae0fdb8b443b75182154a93464a46aac87eeff2bb4512ccdb4d950 61846 ruby1.8_1.8.7.358-7.1+deb7u1.debian.tar.gz 4a103dcfd911de600fb2947dc0aaa0b19693190e19ae972fea8ba83e13d55332 345742 ruby1.8-examples_1.8.7.358-7.1+deb7u1_all.deb f1ff80be4578738529f6799e084f7343ac6021dcba14b43d5e5ce879abea4752 1431254 ri1.8_1.8.7.358-7.1+deb7u1_all.deb 8613afdf053ee8a3289644cde8fb4ed5941e60a1855876987b7391d5d5627e28 284206 ruby1.8-full_1.8.7.358-7.1+deb7u1_all.deb d771ec2e2d7df1ac49d55f573a3ad9f6ea8fa84865a98547f65e5d2a4a2e8dd0 320204 ruby1.8_1.8.7.358-7.1+deb7u1_amd64.deb 61aedfa045792f97bd7be1da99d35423e11e99a0bab74c8e444aec4d672334b3 2090618 libruby1.8_1.8.7.358-7.1+deb7u1_amd64.deb 6ead0704bf7bcda47d64376a92b4db62997090ff41fd88748995d02f76fdd59e 1739244 libruby1.8-dbg_1.8.7.358-7.1+deb7u1_amd64.deb 8c3b7fde4980b96b9c8863ab9c6067f632a632ef058071a811f09bf2e53e5d79 911304 ruby1.8-dev_1.8.7.358-7.1+deb7u1_amd64.deb bb1632ac0db6dcb569949395017980725f2923fd981a115db5b085838610d7db 2036944 libtcltk-ruby1.8_1.8.7.358-7.1+deb7u1_amd64.deb Files: 4943bae30140c29e187c728e3de54a99 2564 ruby optional ruby1.8_1.8.7.358-7.1+deb7u1.dsc 26bd55358847459a7752acdbd33a535f 4895206 ruby optional ruby1.8_1.8.7.358.orig.tar.gz 9681a062de235edfd0123161aeab9039 61846 ruby optional ruby1.8_1.8.7.358-7.1+deb7u1.debian.tar.gz b9dae85d68250e06bc30c0f8db5669aa 345742 ruby optional ruby1.8-examples_1.8.7.358-7.1+deb7u1_all.deb 81b42c7c066ca23f28d96ca8a014ebde 1431254 ruby optional ri1.8_1.8.7.358-7.1+deb7u1_all.deb 01d8dd40ad2b918ad7e20a340ddace01 284206 ruby optional ruby1.8-full_1.8.7.358-7.1+deb7u1_all.deb f899d4e01146dde59379eb0819bd9d4d 320204 ruby optional ruby1.8_1.8.7.358-7.1+deb7u1_amd64.deb ffb6964922972e9df4dd10f4b0a09f0e 2090618 libs optional libruby1.8_1.8.7.358-7.1+deb7u1_amd64.deb 0593d222e4e35d17c82ba71938436558 1739244 debug extra libruby1.8-dbg_1.8.7.358-7.1+deb7u1_amd64.deb 8db7dc07480662b634e16693cd1997bf 911304 ruby optional ruby1.8-dev_1.8.7.358-7.1+deb7u1_amd64.deb e699f03fdd6d623864eecb43a9a5c1ee 2036944 ruby optional libtcltk-ruby1.8_1.8.7.358-7.1+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQIcBAEBCAAGBQJSnFrrAAoJEPwNsbvNRgvecPIP/jrABqypwRgOQXCEdz9L736t HFNsFpGIRTAW7gpjtzUpegA4tcLCs0JVwVTdcVDgupjbYG6hBa9ynZdyvvmGxKW9 bQGtKdpKLLUMT5qNFOHGorxUQH9271KiQOXQ2Ez0RMj9TXj40KJfzw8AZIGtcvdo +OSO/zpQIiw+I8zTh6ndqSJk86q/NU6H/gXIi7/0o7ufsUqJuLpFqfBUlvvkz/ED uyCKrhcmRAw/3UJUgbiwmGEP+W3Qnchb1WNmRSsTUXWBXZBDn5vWXUYPQaCx66jR sTeRwfbdnMEhzvgPxFPOY147pMcTKOnOq63A+jSiCZ6+E1iLuO8w/Z4GhHCkZHkU MdC3gR0Z2pjQA8uUSSg+cBO64ztlkzW/7vLDRD5t41Yj6ZzJMz4pa7zaNp3Ohhod xlvNclxZWzFOaP2tyiKGA4X+ul/1W65CJWNnTnE1zt3RyWWrJw0sfGRTbW4XZEQ8 5TpRSOpQUpkymkOpP0thFChkZ/1HpSahpakxv9kpMjBB/sJVbbDtjDvNonkHqe8N ruIS30gVhGKRBvlEo8isWFLZwikSS6jPsxPQKV38gOUmJhw0IeIB7OExkg9HeZhb TddqwXLnjeg4EpuDKfNmyyDsbrakoaE5sRg2t8FNBXOSEDWqD/59/pGoRMV0yUV9 rOosgVEYREXynPHF1I7U =6KbZ -----END PGP SIGNATURE-----
--- End Message ---
