[DRE-maint] Bug#913005: ruby-rack: CVE-2018-16471: Possible XSS vulnerability in Rack
carnil at debian.org
Mon Nov 19 22:03:40 GMT 2018
On Mon, Nov 19, 2018 at 03:17:27AM -0500, Chris Lamb wrote:
> Chris Lamb wrote:
> > Security team, like ruby-i18n, I would be more than happy to prepare
> > and upload a stable security upload of this package when addressing
> > it in jessie LTS.
> > Ruby team, again, I could easily upload to sid at the same time. Let
> > me know here too.
> Gentle ping on the above two queries? :)
I think those will be no-dsa and can be adressed via a point release,
but we first need to evaluate those further.
More information about the Pkg-ruby-extras-maintainers