[DRE-maint] Bug#697744: ruby-activerecord-3.2: CVE-2013-0155

Antonio Terceiro terceiro at debian.org
Wed Jan 9 21:22:14 UTC 2013


clone 697744 -1
reassign -1 ruby-actionpack-3.2
thanks

On Wed, Jan 09, 2013 at 08:48:08AM +0100, Moritz Muehlenhoff wrote:
> Package: ruby-activerecord-3.2
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> Please see http://www.openwall.com/lists/oss-security/2013/01/08/13
> 
> "rails" from stable should not be affected, but please double-check.

The fix for this is actually spread over two packages, so I am cloning
this bug to the other one. Thanks for reporting.

-- 
Antonio Terceiro <terceiro at debian.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-ruby-extras-maintainers/attachments/20130109/e28c0a7d/attachment.pgp>


More information about the Pkg-ruby-extras-maintainers mailing list