[DRE-maint] Bug#789311: Bug#789311: ruby-rack: CVE-2015-3225: Potential Denial of Service Vulnerability in Rack normalize_params()
Salvatore Bonaccorso
carnil at debian.org
Thu Jul 30 20:43:05 UTC 2015
Hi,
On Thu, Jul 30, 2015 at 09:58:27PM +0200, Salvatore Bonaccorso wrote:
> The targetting distribution was still set to 'unstable'. I have fixed
> that in the attached debdiffs and added the patch for jessie-security
> (can you import them in your VCS please?). I have uploaded to
> security-master the jessie-security one as attached. But for
> wheezy-security the package does not built. Build-log is attached. It
> fails for me as well already with 1.4.1-2.1. Can you have a look?
It does not FTBFS if I build with sbuild, but does with the attached
log in pbuilder. I can use this as wokraround at least for the DSA
itself.
Regards,
Salvatore
More information about the Pkg-ruby-extras-maintainers
mailing list