[DRE-maint] Bug#964432: ruby-rails update destroy redmine issue number linking
Sylvain Beucler
beuc at beuc.net
Mon Aug 3 13:32:54 BST 2020
Hi,
On 03/08/2020 13:52, Utkarsh Gupta wrote:
> Whilst I am totally fine by this suggestion, but still asking..
> Would it make sense to fix this, since this upload was made just
> around the time Jessie was EOL'ed.
> Of course, I'd want people to upgrade, for sure, but in case they
> can't, I don't want to leave them high and dry.
>
> D'you think there's anything that could be done here?
> (or if that's too much to work on, maybe consider reverting the fixes?)
This version is now impacted by new security issues, such as
CVE-2020-8163, so I would recommend upgrading anyway. There is no place
to upload a new version (in particular, not in ELTS where neither rails
nor redmine are supported), and as far as I understand s.jaekel could
revert the security fixes manually, nearly a month ago. What are you
suggesting, more precisely?
If after upgrading to Stretch, and despite my working test today, the
regression persists, I'll have a look at it.
Cheers!
Sylvain
More information about the Pkg-ruby-extras-maintainers
mailing list