This should now be triaged for our packages based on Debian's https
://security-tracker.debian.org/tracker/CVE-2013-0155. As Marc said,
since the packages referred to in this bug is in universe or multiverse,
it is community maintained. When a debdiffs are available, members of
the security team will review them and publish the packages. See the
following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures.

Since I added so many tasks, I went ahead and assigned Christian to
ruby-activerecord-3.2 on Quantal since that is what the supplied debdiff
was for.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1100188

Title:
   Unsafe Query Generation Risk in Ruby on Rails

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rails/+bug/1100188/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to