Bug#1022770: marked as done (ITP: ruby-omniauth-rails-csrf-protection -- A gem that provides CSRF protection on OmniAuth request endpoint on Rails application.)

Debian Bug Tracking System Sun, 06 Nov 2022 03:03:57 -0800

Your message dated Sun, 06 Nov 2022 11:00:13 +0000
with message-id <e1ordnt-000cj4...@fasolo.debian.org>
and subject line Bug#1022770: fixed in ruby-omniauth-rails-csrf-protection 
1.0.1-1
has caused the Debian Bug report #1022770,
regarding ITP: ruby-omniauth-rails-csrf-protection -- A gem that provides CSRF 
protection on OmniAuth request endpoint on Rails application.
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1022770: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022770
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
package: wnpp
Severity: wishlist
Owner: Abraham Raji <abra...@debian.org>

*Package Name      : ruby-omniauth-rails-csrf-protection
 Version           : 1.0.1
 Upstream Author   : Cookpad Inc.
*URL : https://github.com/cookpad/omniauth-rails_csrf_protection
*License           : Expat
 Programming Lang  : Ruby
*Description : A gem that provides CSRF protection on OmniAuth request endpoint on Rails application.
This gem provides a mitigation against [CVE-2015-9284] (Cross-Site Request Forgery on the request phase when using OmniAuth gem with a Ruby on Rails application) by implementing a CSRF token verifier that directly uses ActionController::RequestForgeryProtection code from Rails.
.

This gem is required for the gitlab 15.4.0 update.

- Abraham
OpenPGP_0xF67DA33EE71DFDA9.asc
Description: OpenPGP public key

OpenPGP_signature
Description: OpenPGP digital signature

--- End Message ---

--- Begin Message ---

Source: ruby-omniauth-rails-csrf-protection
Source-Version: 1.0.1-1
Done: Abraham Raji <abra...@debian.org>

We believe that the bug you reported is fixed in the latest version of
ruby-omniauth-rails-csrf-protection, which is due to be installed in the Debian 
FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1022...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Abraham Raji <abra...@debian.org> (supplier of updated 
ruby-omniauth-rails-csrf-protection package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 29 Oct 2022 23:16:37 +0530
Source: ruby-omniauth-rails-csrf-protection
Binary: ruby-omniauth-rails-csrf-protection
Architecture: source all
Version: 1.0.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Team 
<pkg-ruby-extras-maintain...@lists.alioth.debian.org>
Changed-By: Abraham Raji <abra...@debian.org>
Description:
 ruby-omniauth-rails-csrf-protection - Provides CSRF protection on OmniAuth 
request endpoint on Rails ap
Closes: 1022770
Changes:
 ruby-omniauth-rails-csrf-protection (1.0.1-1) unstable; urgency=medium
 .
   * Initial release (Closes: #1022770)
Checksums-Sha1:
 fcfa9a4cbbbe0103e59317582650030c5695fcb0 1755 
ruby-omniauth-rails-csrf-protection_1.0.1-1.dsc
 148b41d95b32876dc9a7a42201b6494db28141d5 6887 
ruby-omniauth-rails-csrf-protection_1.0.1.orig.tar.gz
 e3041f222e1160f5e4d6414a135071757ad8d513 2928 
ruby-omniauth-rails-csrf-protection_1.0.1-1.debian.tar.xz
 2f89c4c15d3473cfde7a4d510974df3f72f0c958 4856 
ruby-omniauth-rails-csrf-protection_1.0.1-1_all.deb
 881a0f1e2cd92dbf84aef3b1b27c4879b25d75fa 10519 
ruby-omniauth-rails-csrf-protection_1.0.1-1_amd64.buildinfo
Checksums-Sha256:
 802c93013eb08c5dbca446155403c627eea536851c78b10e9b9d61fab9e464a9 1755 
ruby-omniauth-rails-csrf-protection_1.0.1-1.dsc
 c763b06f822ea14b7fd5ee32e1882dd39e655d1d3b9d26e5cdb0e73bb7e2a3dc 6887 
ruby-omniauth-rails-csrf-protection_1.0.1.orig.tar.gz
 8f2f6ebd92a97a98470500eb21cf1a6ddd38edc5a65fde58be4e2b10d7f5289d 2928 
ruby-omniauth-rails-csrf-protection_1.0.1-1.debian.tar.xz
 48cb9b661c9dbe8623f7904ad1c40ef14dd3e57d18429904586f5423ce996381 4856 
ruby-omniauth-rails-csrf-protection_1.0.1-1_all.deb
 6468848e1d67f2cd2fe8ba9a118cde3334a46ab44f822dbc8c59145ca9b10bb2 10519 
ruby-omniauth-rails-csrf-protection_1.0.1-1_amd64.buildinfo
Files:
 348fdf847872f9ee5e86c361b53c5a18 1755 ruby optional 
ruby-omniauth-rails-csrf-protection_1.0.1-1.dsc
 9eae59440d8a4b7b77f48fae2637b104 6887 ruby optional 
ruby-omniauth-rails-csrf-protection_1.0.1.orig.tar.gz
 8f3552c194cf8504a3c7da55612ccbcd 2928 ruby optional 
ruby-omniauth-rails-csrf-protection_1.0.1-1.debian.tar.xz
 1b07f0e5b7fa565320afe4cdaebbe7f3 4856 ruby optional 
ruby-omniauth-rails-csrf-protection_1.0.1-1_all.deb
 342a0899569e1c67c96cb97f1e35c9f1 10519 ruby optional 
ruby-omniauth-rails-csrf-protection_1.0.1-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQSglbZu4JAkvuai8HIqJ5BL1yQ+2gUCY11o6QAKCRAqJ5BL1yQ+
2gUHAQCBWuvBFbN+4FAjolTC9Z/sDQxWjAJZ36kdvbxPdoMdBgD+IZRdhbHexn/a
QvnV/1mvk1IF/UUEMKrGQY72oXygIAE=
=9Y/t
-----END PGP SIGNATURE-----

--- End Message ---

Bug#1022770: marked as done (ITP: ruby-omniauth-rails-csrf-protection -- A gem that provides CSRF protection on OmniAuth request endpoint on Rails application.)

Reply via email to