[DRE-maint] Debian LTS Security update of ruby-activerecord-3.2
Ola Lundqvist
opal at debian.org
Mon May 30 18:11:23 UTC 2016
Hi Guido
Yes that is true. I have not solved that problem. I focused on only one of
the issues as I had to look into two packages to solve the one you refer
to. Great that you will have a look at that one.
I'll upload ruby-activerecord-3.2 shortly (read today) and it will look
like the one I had in the directory above. But I guess it is better to base
it on the one I upload just in case.
Cheers
// Ola
On Mon, May 30, 2016 at 8:08 PM, Guido Günther <agx at sigxcpu.org> wrote:
> Hi Ola,
> On Thu, May 26, 2016 at 11:27:42PM +0200, Ola Lundqvist wrote:
> > Hi ruby-activerecord-3.2 maintainer(s) and Debian LTS team
> >
> > This is my third package contribution to Debian LTS. I'm doing this as a
> > training exercise and this is why the maintainer have not been asked to
> > this for me.
> >
> > I have prepared an update of the ruby-activerecord-3.2 package with a fix
> > for
> > https://security-tracker.debian.org/tracker/CVE-2015-7577
>
> While looking into CVE-2016-0753 of ruby-activemodel-3.2 I noticed that
> ruby-activerecord-3.2 is affected as well and not fixed with your
> proposed debdiff. I'm just looking into this atm and don't want to
> duplicate efforts.
>
> Cheers,
> -- Guido
>
--
--------------------- Ola Lundqvist ---------------------------
/ opal at debian.org Folkebogatan 26 \
| ola at inguza.com 654 68 KARLSTAD |
| http://inguza.com/ +46 (0)70-332 1551 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-ruby-extras-maintainers/attachments/20160530/18d25473/attachment.html>
More information about the Pkg-ruby-extras-maintainers
mailing list