Your message dated Fri, 17 Aug 2018 11:05:46 +0000
with message-id <e1fqcze-000ehz...@fasolo.debian.org>
and subject line Bug#902721: fixed in ruby-json-jwt 1.9.4-1
has caused the Debian Bug report #902721,
regarding CVE-2018-1000539
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
902721: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902721
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ruby-json-jwt
Severity: grave
Tags: security
This was assigned CVE-2018-1000539:
https://github.com/nov/json-jwt/pull/62
https://github.com/nov/json-jwt/commit/3393f394f271c87bd42ec23c300727b4437d1638
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: ruby-json-jwt
Source-Version: 1.9.4-1
We believe that the bug you reported is fixed in the latest version of
ruby-json-jwt, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 902...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Pirate Praveen <prav...@debian.org> (supplier of updated ruby-json-jwt package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 15 Aug 2018 21:51:27 +0530
Source: ruby-json-jwt
Binary: ruby-json-jwt
Architecture: source
Version: 1.9.4-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers
<pkg-ruby-extras-maintain...@lists.alioth.debian.org>
Changed-By: Pirate Praveen <prav...@debian.org>
Description:
ruby-json-jwt - JSON Web Token and its family in Ruby
Closes: 902721
Changes:
ruby-json-jwt (1.9.4-1) unstable; urgency=medium
.
* New upstream version 1.9.4 (Closes: #902721) (Fixes: CVE-2018-1000539)
* Move debian/watch to gemwatch.debian.net
* Bump Standards-Version to 4.2.0 (no changes needed)
* Bump debhelper compatibility level to 11
* Use salsa.debian.org in Vcs-* fields
Checksums-Sha1:
cfcc706cbfca43e947f2c6ce9273cdc3952da7ed 2116 ruby-json-jwt_1.9.4-1.dsc
4d9a7a9ca2f2389bcf96bb0e0f8930bea5257312 23369 ruby-json-jwt_1.9.4.orig.tar.gz
de036bb5fd6e3235ffd2de0bc18e89404fccaa94 2244
ruby-json-jwt_1.9.4-1.debian.tar.xz
cf998633aa9e6147ed8636910cdb7a8103003026 6796
ruby-json-jwt_1.9.4-1_source.buildinfo
Checksums-Sha256:
27a9119b79bd0462b9f603fcfbc8d6584c412ab962e12b464bbc1eed3b85b79c 2116
ruby-json-jwt_1.9.4-1.dsc
c36a6f3bab4e686fe051a2f1f40c1bbeb61bd3292cf8397c7ed9451410cfa3aa 23369
ruby-json-jwt_1.9.4.orig.tar.gz
daa47a4d12acad12ab831d0d3795b9b28af24eb18923698e6dced56954bf6bfe 2244
ruby-json-jwt_1.9.4-1.debian.tar.xz
f8bddf76fccde9559c5aaf152569f7c40bc107f7d2a84e978ca588b3b634ff4d 6796
ruby-json-jwt_1.9.4-1_source.buildinfo
Files:
20fa536ef739588487b669a20fd1dc35 2116 ruby optional ruby-json-jwt_1.9.4-1.dsc
469a09dbc4a21b57b25a71d36c3a1bce 23369 ruby optional
ruby-json-jwt_1.9.4.orig.tar.gz
f8304fb1d580992a25e2fb74e97caf0f 2244 ruby optional
ruby-json-jwt_1.9.4-1.debian.tar.xz
7a2ab9bef1d7856d6e94f5cde2c8d095 6796 ruby optional
ruby-json-jwt_1.9.4-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlt2qI8ACgkQzh+cZ0US
wip54g/+MEFJmC4VNUmoN3/rXIzwCardMZ206ZhtB8VcNbAruj6M3TqKZepstLoM
neYDY8eNDaSEUNMC2xsR86NGc6j6i0f1PjPsaB6s+hlskTdQ8F5GCiQO/OfZIugF
l3cOs3yFJ1JlbnagNEeZ0q09RTH0mkgsjoh1yEsT70u3yxgG0//amIvkMuXIzZZH
OVmg8b13OG4FxsXjp3oy0bGk0U6utWwPIicNnXPrHvZZM8+cw67xZHSyiKymmmQG
ydhrwsLCXBVXt5ANQpGeDykP50rJGOSkWGK0HN0JdeORd+pZlwc8iC+LRTXlXm5b
ATKRMRpLI/+cZnioK+xW2o3pXS2hfH/EPs/5fx/kbYKRWUiAqPGra9frw5jCBS24
cbgepIY+QoWd0s344Zj+1NZX5psg2TAqs57ALpCwHAgk//vv9eUgiwhVZ0o52CWw
5AvOgErfwHg5GUY39l/u/egTHf3s11j1TWU7dGrpOFNbI3z1kVucH4r9Y89qU/0l
gaG/dRv5AeOCIzI1vjxRHwQhAz7FZQdGMC8u7PZ0ryEQw/QtkQknt2h3qMIdO7Wk
5a8a8de/hoHB4jMh/0MLKkn9sZ3Kz04zslbO019Nz6kujPfP3vnKSZ+a29Ex8CbU
z9mk6DDOTKCmjfKrw6tvrzYNvYnHQDCXgOAToudd6oROGqq4qtg=
=VAaF
-----END PGP SIGNATURE-----
--- End Message ---
