Your message dated Thu, 15 Apr 2021 17:19:14 +0000 with message-id <e1lx5e6-000ehy...@fasolo.debian.org> and subject line Bug#986806: fixed in ruby-rexml 3.2.5-1 has caused the Debian Bug report #986806, regarding CVE-2021-28965 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 986806: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986806 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ruby-rexml Severity: grave Tags: security X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/ Why is there a separate package duplicating rexml from src:ruby2.7 in bullseye? Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: ruby-rexml Source-Version: 3.2.5-1 Done: Pirate Praveen <prav...@debian.org> We believe that the bug you reported is fixed in the latest version of ruby-rexml, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 986...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Pirate Praveen <prav...@debian.org> (supplier of updated ruby-rexml package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 15 Apr 2021 22:16:45 +0530 Source: ruby-rexml Architecture: source Version: 3.2.5-1 Distribution: experimental Urgency: medium Maintainer: Debian Ruby Team <pkg-ruby-extras-maintain...@lists.alioth.debian.org> Changed-By: Pirate Praveen <prav...@debian.org> Closes: 986806 Changes: ruby-rexml (3.2.5-1) experimental; urgency=medium . * Team upload. . [ Cédric Boutillier ] * [ci skip] Update team name . [ Pirate Praveen ] * New upstream version 3.2.5 (Closes: #986806) (Fixes: CVE-2021-28965) (Uploading to experimental till we figure out the best way to fix unstable) * Bump Standards-Version to 4.5.1 (no changes needed) Checksums-Sha1: c41c22b6c44dd2391f819cf4d5ae573e3b8b2602 2018 ruby-rexml_3.2.5-1.dsc d2aab43f8b6ae0f7b0340ae162187eaaf24c0927 447881 ruby-rexml_3.2.5.orig.tar.gz 5e30a8cab0f7d637613db71364477a93de46ab96 2620 ruby-rexml_3.2.5-1.debian.tar.xz 42481c70ef1cdda2a5826f0ec4c1084d1c51507e 8992 ruby-rexml_3.2.5-1_amd64.buildinfo Checksums-Sha256: 61ef9b3704da336f17428a4a17f1727a8d34174032b9b33ea2741f151a1ad704 2018 ruby-rexml_3.2.5-1.dsc 23b7a82bf41bcd1201f67e7ca6e795eee1bb76dce94cd7abf411969e39c5c71d 447881 ruby-rexml_3.2.5.orig.tar.gz 506cf048d35e8a504971516c18ac2204a48deb07c9037cedeabdc640466fe412 2620 ruby-rexml_3.2.5-1.debian.tar.xz 8b731b5a0f2ead945a42f092d98f3a667834c16d2f2be2a7ed23eeaa0b4cf303 8992 ruby-rexml_3.2.5-1_amd64.buildinfo Files: 6e06d40c426334986889ca020dbd58c0 2018 ruby optional ruby-rexml_3.2.5-1.dsc 32bfd908e2ae71720efa56cc43d18325 447881 ruby optional ruby-rexml_3.2.5.orig.tar.gz f381529e971e0588e12f42f10f234c6b 2620 ruby optional ruby-rexml_3.2.5-1.debian.tar.xz aeda66284801f676d15d831cdac6b36e 8992 ruby optional ruby-rexml_3.2.5-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0whj4mAg5UP0cZqDj1PgGTspS3UFAmB4cVUACgkQj1PgGTsp S3UFahAAlB7nqMYJqiCY2XwaGR9s3sJ5xZo/3/Sif+YTn3FCt/P7LSOKAM4CgBU8 UG6zh6172AR1zHBkcE/dxobv3eICOWgR4LizU7Z3qcijn8djOpSwygvxcK0DA3pT r/TXXbtAm7KdB/QxpnbmkjJllOR5QAQXoXNRm/wgnZOFeXh2rOWvol67MJMWEDUv lXM77QXLZXRftrQ3l+4284CJMvcifnJIbixG+/5C+gYiN5nxYiAO/RH+H3FPPlxX 9KoNp5qaq1wpcVYa6LSlOKw8Z0baYCc0xa7/c4Wssy56gPWiIk7eUFwkMyIuyE1+ //+mUCNNXrSC8pAHsqtj1YA/xGkZJ+3E+7fDKRuV2NiepQ/hbqJy5AWYzAdpqmCC zi+8ijYUtT+0o3YOtUIguesJs5VXJgVwIK/xCxKJkz7ozRiNeyh6m2l8ACpt90Pi YKtBc+h7Ru9qe0GW4r+tWfEALsoJqNx6eRzDbVjWHKGo8cld0eZcmKLL7+8M5fxk PWhr6707v3a+uHgNCmHQgim9QBZds4bltZ1mBRk6uRes46Q+4+QDGpdyAnqDbszf FKeHg7HtzwTmw2enARQCBViWN5+UKLyQxurYGXnLyZrNB0lE8iXAfbmwOAYzhwzm uVQIr/+VxktMdPonf9SfxmhRzRcpJ+eCVG4Zolou9i/iVkRihRI= =p47v -----END PGP SIGNATURE-----
--- End Message ---
