[DRE-maint] Bug#555224: libjson-ruby: embeds prototype.js
Michael Gilbert
michael.s.gilbert at gmail.com
Tue Nov 10 03:57:23 UTC 2009
On Sun, 8 Nov 2009 22:15:30 -0800 Ryan Niebur wrote:
> Source-Version: 1.1.4-1
>
> On Sun, Nov 08, 2009 at 07:23:32PM -0500, Michael Gilbert wrote:
> > package: libjson-ruby
> > version: 1.1.9-1
> > severity: important
> > tags: security
> >
> > Hi,
> >
> > Your package embeds prototype.js, which makes security updates very
> > cumbersome, difficult, and potentially error-prone. Please update your
> > package to make use of the system prototype.js provided by the
> > libjs-prototype binary package.
> >
> > This is a mass-filing, and the only checking done so far is a version
> > comparison. If your package for some reason is not affected or already
> > uses the system prototype.js, please close this bug with a message
> > indicating that that is the case.
> >
> > Thank you very much for your attention on this matter.
>
> This was fixed in 1.1.4-1. I think. Did I miss something?
looks like it. since i had so many issues to triage, i missed this.
mike
More information about the Pkg-ruby-extras-maintainers
mailing list