Your message dated Sun, 22 Feb 2015 21:32:25 +0000 with message-id <e1ype8x-0003x0...@franck.debian.org> and subject line Bug#774748: fixed in ruby-redcloth 4.2.9-2+deb7u1 has caused the Debian Bug report #774748, regarding ruby-redcloth: CVE-2012-6684 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 774748: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774748 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ruby-redcloth Severity: grave Tags: security This was assigned CVE-2012-6684 (only recently, but since the bug was initially discovered in 2012, it received an ID from back then): http://co3k.org/blog/redcloth-unfixed-xss-en Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: ruby-redcloth Source-Version: 4.2.9-2+deb7u1 We believe that the bug you reported is fixed in the latest version of ruby-redcloth, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 774...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Antonio Terceiro <terce...@debian.org> (supplier of updated ruby-redcloth package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 07 Feb 2015 23:35:43 -0200 Source: ruby-redcloth Binary: ruby-redcloth libredcloth-ruby libredcloth-ruby-doc libredcloth-ruby1.8 libredcloth-ruby1.9.1 Architecture: source all Version: 4.2.9-2+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintain...@lists.alioth.debian.org> Changed-By: Antonio Terceiro <terce...@debian.org> Description: libredcloth-ruby - Transitional package for ruby-redcloth libredcloth-ruby-doc - Transitional package for ruby-redcloth libredcloth-ruby1.8 - Transitional package for ruby-redcloth libredcloth-ruby1.9.1 - Transitional package for ruby-redcloth ruby-redcloth - Textile module for Ruby Closes: 774748 Changes: ruby-redcloth (4.2.9-2+deb7u1) wheezy-security; urgency=high . * Team upload. * 0001-Filter-out-javascript-links-when-using-filter_html-o.patch: filter javascript: links when proper HTML sanitization options are turned on (Closes: #774748 [CVE-2012-6684]) Checksums-Sha1: eab8628e7d5f2776b4e3b2cdc4110fa8514c957d 2366 ruby-redcloth_4.2.9-2+deb7u1.dsc 9c1a3a15eba44be1c8f22efdb8cc0639c8266a0a 96220 ruby-redcloth_4.2.9.orig.tar.gz 888a3027a73a7e513abaa9b31ac99ebac1512024 6018 ruby-redcloth_4.2.9-2+deb7u1.debian.tar.gz 96a04c3a1ff0e9d92b28d5f026ddc78379244ea9 9546 libredcloth-ruby_4.2.9-2+deb7u1_all.deb 129d57b3a55dc0590e00cf4cdefc71548ea05e40 9540 libredcloth-ruby-doc_4.2.9-2+deb7u1_all.deb 5be3a65f01f1e821220d655efa11635e6fc97256 9542 libredcloth-ruby1.8_4.2.9-2+deb7u1_all.deb 81e7c6abbdc88296617b5169b62ad04a5364d2e4 9544 libredcloth-ruby1.9.1_4.2.9-2+deb7u1_all.deb Checksums-Sha256: bc694f988f8fb81ede8add8625282c92c67559e96efa42546c662dde73d5d11b 2366 ruby-redcloth_4.2.9-2+deb7u1.dsc e0b6da46967c0c66999e47763f93fdab01e2b1edd5650232a579216e77d2fae6 96220 ruby-redcloth_4.2.9.orig.tar.gz eb2a3f82aebfbd7ad365bdfd995c221f2d861dacccdfe87ef1bb14ec125c1ad9 6018 ruby-redcloth_4.2.9-2+deb7u1.debian.tar.gz 25c249e6177a24e87ab12ed64fd0d89994f43a1ba0a2c86c444d5a2ce1f3d149 9546 libredcloth-ruby_4.2.9-2+deb7u1_all.deb 1ad0d47d17857cc7ea0c58ae3e5ca234779a2e6b0aebf57d8f52bbaf0f2cd05d 9540 libredcloth-ruby-doc_4.2.9-2+deb7u1_all.deb 938c0042583fa21517385c57bce3ffe4ec822c5b4deee97a30698612c4abae4b 9542 libredcloth-ruby1.8_4.2.9-2+deb7u1_all.deb 38f0542ae468149ba1952f123abe3051be0cdc18ebf93fd208f65217be5edf18 9544 libredcloth-ruby1.9.1_4.2.9-2+deb7u1_all.deb Files: addc962a850a49658ea0e80242fa6929 2366 ruby optional ruby-redcloth_4.2.9-2+deb7u1.dsc f98a004c295e58390286a74acfbad189 96220 ruby optional ruby-redcloth_4.2.9.orig.tar.gz d39ca0e56336e823c8e7549b57b8e7e0 6018 ruby optional ruby-redcloth_4.2.9-2+deb7u1.debian.tar.gz 595d15d66195e586438ae7d01737e438 9546 oldlibs extra libredcloth-ruby_4.2.9-2+deb7u1_all.deb 4e568cedf5d19835ea08b719529ffb25 9540 oldlibs extra libredcloth-ruby-doc_4.2.9-2+deb7u1_all.deb 12fc5ccd22c80e1719a569539b87b9f2 9542 oldlibs extra libredcloth-ruby1.8_4.2.9-2+deb7u1_all.deb 48197fa814fdf9268347e3a89d4bc8cf 9544 oldlibs extra libredcloth-ruby1.9.1_4.2.9-2+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJU6NHNAAoJEPwNsbvNRgve3+cP/Rbxd8UhyhVMRPdF7QvLZczd Ws1YENJY62qbzW6phR6Ioiv1m8GWA9U7MQD/nCjQZV3EoCzg7k/XAVDEcxymIfm3 QhFCsZeoWmQd+hS+BliTlLm+LmOcwoqVl0L8zGwK2x8JwG1dmSvyLpivh1FjB11L kLxgJQzQIy1DuuyRQQhadJVnw6zsLQagQs3I1pqHUVX7GI6RLuXJ79ocSwhQCego i7fYbRw7RVo/YnAzq36zjCqVqsZuAt8cjnXkNLhf7dm6KbR1xaR9S17WzPgcedxm aUksPEHkPon1abvpEh0KOoCq7+dOLulXkV8BJZ/5Yknhur/2okUh57G7lQdN3HSb 17n62mmfg9hqexQdWlRrjCcbsf9jam48sONQCcjF/50Pn1AhbcNUyV2ZauWFgSIU tAnmhEn/iyg9tFPwtRjyc4lRg+OaEHutSImJ5sJ299W71sQIOMshm2HWLhRc9ciR t6HYiP40aAF9kf9IKSQGZV4BTqZK+WrBgVcWHTGiYkUe72jV8rVGpsmZaIgPq/5x 3KbBae0KG2sTm5QyJdWr//uVEtz6Hf9rKAP35WVK7tJ3DD2KRyiJAOSGsgd9FkqQ KOkXpAdtZHWLIOjHbAIs1cTIAJuFgka1w4Pbvc87UDKdoE14gpCdTHSSrNPZR0PJ q23G3xJa/X5GE/quEabc =6oP+ -----END PGP SIGNATURE-----
--- End Message ---
