ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)

To: security@debian.org
Cc: debian-ruby@lists.debian.org
Subject: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
From: Georg Faerber <georg@riseup.net>
Date: Thu, 22 Mar 2018 17:21:15 +0100
Message-id: <[🔎] 20180322162115.GM2961@debian>
In-reply-to: <[🔎] 20180322000423.GA8457@esfahan>
References: <[🔎] 20180321223557.GE2961@debian> <[🔎] 20180322000423.GA8457@esfahan>

Dear security team,

I would like to fix CVE-2018-8048, which is currently present in
ruby-loofah 2.0.3-2 in stretch. Do you prefer an "straight" upload done
by you, or should this be instead an upload via stretch-pu?

In any case, I'll prepare a patch.

Thanks for your work,
cheers,
Georg

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
  - From: Moritz Muehlenhoff <jmm@inutil.org>
- Re: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
  - From: Georg Faerber <georg@riseup.net>

References:
- RFS: ruby-loofah 2.2.1-1 (CVE-2018-8048)
  - From: Georg Faerber <georg@riseup.net>
- Re: RFS: ruby-loofah 2.2.1-1 (CVE-2018-8048)
  - From: Cédric Boutillier <boutil@debian.org>

Prev by Date: Re: RFS ruby-aws-sdk (1.67.0-2) && 2 questions
Next by Date: Re: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
Previous by thread: rails-html-sanitizer 1.0.3: Two broken tests with loofah 2.2.1 (CVE-2018-8048)
Next by thread: Re: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
Index(es):
- Date
- Thread