[DRE-maint] ruby-actionpack-3.2_3.2.6-4_amd64.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Fri Aug 10 17:32:14 UTC 2012
Accepted:
ruby-actionpack-3.2_3.2.6-4.debian.tar.gz
to main/r/ruby-actionpack-3.2/ruby-actionpack-3.2_3.2.6-4.debian.tar.gz
ruby-actionpack-3.2_3.2.6-4.dsc
to main/r/ruby-actionpack-3.2/ruby-actionpack-3.2_3.2.6-4.dsc
ruby-actionpack-3.2_3.2.6-4_all.deb
to main/r/ruby-actionpack-3.2/ruby-actionpack-3.2_3.2.6-4_all.deb
Changes:
ruby-actionpack-3.2 (3.2.6-4) unstable; urgency=high
.
* Add patches for security problems (Closes: #684454):
+ CVE-2012-3463 - Ruby on Rails Potential XSS Vulnerability in select_tag
prompt
+ CVE-2012-3465 - XSS Vulnerability in strip_tags
+ Both patches were edited from their original versions in two ways:
- the leading a/ and b/ from the filenames were stripped
- changes over test files were removed, since the Debian package
contains no test files.
Override entries for your package:
ruby-actionpack-3.2_3.2.6-4.dsc - source ruby
ruby-actionpack-3.2_3.2.6-4_all.deb - optional ruby
Announcing to debian-devel-changes at lists.debian.org
Closing bugs: 684454
Thank you for your contribution to Debian.
More information about the Pkg-ruby-extras-maintainers
mailing list