[DRE-maint] Bug#861870: Requesting unblock

Balasankar C balasankarc at autistici.org
Sat May 6 17:30:37 UTC 2017


Hi,

On Sat, 6 May 2017 10:43:13 +0200 Tomasz Buchert <tomasz at debian.org> wrote:
> 
> Hi,
> in this case I'm going to close my request in #861914, and let you
> take care of it.

I just confirmed that this vulnerability does not apply to the GitLab version we
have in Debian. This is because the SVG rendering feature was introduced in a
later version and this vulnerability applies only to the ones with that feature.
So, I will be reverting the commit I pushed to gitlab source repository in
alioth and once 8.13.11+dfsg1-5 migrates to Testing, all will be well.

Thanks for the report Salvatore and the help Tomasz. It's encouraging to see
others are also looking at this package.

Because of the above reasons, I will be closing this issue.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-ruby-extras-maintainers/attachments/20170506/efabd622/attachment.sig>


More information about the Pkg-ruby-extras-maintainers mailing list