Accepted rails 2:4.2.7.1-1+deb9u3 (source) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 29 Jun 2020 09:55:00 +0200
Source: rails
Binary: ruby-activesupport ruby-activerecord ruby-activemodel ruby-activejob ruby-actionview ruby-actionpack ruby-actionmailer ruby-railties ruby-rails rails
Architecture: source
Version: 2:4.2.7.1-1+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
rails - MVC ruby based framework geared for web application development (
ruby-actionmailer - email composition, delivery, and receiving framework (part of Rai
ruby-actionpack - web-flow and rendering framework putting the VC in MVC (part of R
ruby-actionview - framework for handling view template lookup and rendering (part o
ruby-activejob - job framework with pluggable queues
ruby-activemodel - toolkit for building modeling frameworks (part of Rails)
ruby-activerecord - object-relational mapper framework (part of Rails)
ruby-activesupport - Support and utility classes used by the Rails 4.1 framework
ruby-rails - MVC ruby based framework geared for web application development
ruby-railties - tools for creating, working with, and running Rails applications
Changes:
rails (2:4.2.7.1-1+deb9u3) stretch-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2020-8164: possible Strong Parameters Bypass in ActionPack
* CVE-2020-8165: potentially unintended unmarshalling of user-provided
objects in MemCacheStore
* CVE-2020-8163: potential remote code execution of user-provided
local names
Checksums-Sha1:
690e46ebb3f0b843b47b4655bf4cfdd6a5d3f937 3174 rails_4.2.7.1-1+deb9u3.dsc
d8389a376f2b03547b1ce8f8df26f69f85e65d42 4181681 rails_4.2.7.1.orig.tar.gz
fa218fadc64e42c3e3e7191c50c97e3f02cc0b3c 96412 rails_4.2.7.1-1+deb9u3.debian.tar.xz
a18b1d2aa9cdadf6025ee9f37429971efd6d2dbf 10984 rails_4.2.7.1-1+deb9u3_amd64.buildinfo
Checksums-Sha256:
d61f013cc1f01ab7227c4060ada38f5c0f6b81b62b5a159ba3b8c8f95d07e48d 3174 rails_4.2.7.1-1+deb9u3.dsc
bfa7854f1b35e449b78db2af83fe660f17b101a487728fcfc6fb623967fb4783 4181681 rails_4.2.7.1.orig.tar.gz
af5189c787b6127f8822d6ce4d09e0b15b39ce42b1d2617b3fd7ba6475358e0f 96412 rails_4.2.7.1-1+deb9u3.debian.tar.xz
ef8881106cf7862f8df15684dc8b8423f7b496aa09126eb51a5cf6e14599f61c 10984 rails_4.2.7.1-1+deb9u3_amd64.buildinfo
Files:
b38437a852d8b4c338ac0c7432f7cd78 3174 ruby optional rails_4.2.7.1-1+deb9u3.dsc
d6755586a995283c91f15d857ef74387 4181681 ruby optional rails_4.2.7.1.orig.tar.gz
f96aaabb1ad1821c6112269bf49fdf19 96412 ruby optional rails_4.2.7.1-1+deb9u3.debian.tar.xz
46382fecbe1dfdb19dcb0e7f8657cd83 10984 ruby optional rails_4.2.7.1-1+deb9u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl8VkQsACgkQj/HLbo2J
BZ8/owf+NYbKiWnwP8Lz12efl8iwEVfi5a9VNYlBgsoRECCEoqwjH48Z3D2vDeFt
Acbf2smTqmnava5eauZpUZxJ9OYAw2lThNAT4L+m1lcaa85Kqo4TUw7wn3YBv6ki
e1h77BohMIKJoKeQObDOSwRdkLvE1bPupZnb6k06OHa/oD9Hd9FnDjvfB47lwhtc
yP42cT4XUk4SExsMsP1lIbDMDSp7mKfVn8fKvMOGysxD1mJDV5CoamN72RcCO6M6
fOsGLn35cC7A5L9tg+2/k5w2qYVjlKN/opterWjSU/96hzG06U7XfxYd9GR7Fp4/
NU3/CT9CXjWwsmBbxqg5q/j24heymQ==
=o4y4
-----END PGP SIGNATURE-----
Reply to: