Accepted ruby2.3 2.3.3-1+deb9u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 02 Sep 2017 15:11:07 -0300
Source: ruby2.3
Binary: ruby2.3 libruby2.3 ruby2.3-dev ruby2.3-doc ruby2.3-tcltk
Architecture: source amd64 all
Version: 2.3.3-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Antonio Terceiro <terceiro@debian.org>
Changed-By: Antonio Terceiro <terceiro@debian.org>
Description:
libruby2.3 - Libraries necessary to run Ruby 2.3
ruby2.3 - Interpreter of object-oriented scripting language Ruby
ruby2.3-dev - Header files for compiling extension modules for the Ruby 2.3
ruby2.3-doc - Documentation for Ruby 2.3
ruby2.3-tcltk - Ruby/Tk for Ruby 2.3
Closes: 842432 864860 873802 873906
Changes:
ruby2.3 (2.3.3-1+deb9u1) stretch-security; urgency=high
.
* Fix arbitrary heap exposure problem in the JSON library (Closes: #873906)
[CVE-2017-14064]
- Backported for Ruby 2.3 by Hiroshi SHIBATA <hsbt@ruby-lang.org>
https://bugs.ruby-lang.org/issues/13853
* Fix multiple security vulnerabilities in Rubygems (Closes: #873802)
- Fix a DNS request hijacking vulnerability. Discovered by Jonathan
Claudius, fix by Samuel Giddins.
[CVE-2017-0902]
- Fix an ANSI escape sequence vulnerability. Discovered by Yusuke Endoh,
fix by Evan Phoenix.
[CVE-2017-0899]
- Fix a DOS vulernerability in the query command. Discovered by Yusuke
Endoh, fix by Samuel Giddins.
[CVE-2017-0900]
- Fix a vulnerability in the gem installer that allowed a malicious gem to
overwrite arbitrary files. Discovered by Yusuke Endoh, fix by Samuel
Giddins.
[CVE-2017-0901]
* Fix SMTP comment injection (Closes: #864860)
Patch by Shugo Maeda <shugo@ruby-lang.org>
[CVE-2015-9096]
* Fix IV Reuse in GCM Mode (Closes: #842432)
Patch by Kazuki Yamaguchi <k@rhe.jp>
[CVE-2016-7798]
Checksums-Sha1:
1fb0abe2fa93e6436dc5982a9624e321a1233aae 2500 ruby2.3_2.3.3-1+deb9u1.dsc
f47b1a3beb1dee13355a3d5e6f23ee7e03428e8b 8359724 ruby2.3_2.3.3.orig.tar.xz
abd1db48d6701ab6ac61cb1f1db92a2aecac2db9 98172 ruby2.3_2.3.3-1+deb9u1.debian.tar.xz
dafcaefc02b5722139f683a4dfe5c4e38769a8a9 4603116 libruby2.3-dbgsym_2.3.3-1+deb9u1_amd64.deb
2e5b14ba3b415142c6350ae38ab633e01f8c753f 3108522 libruby2.3_2.3.3-1+deb9u1_amd64.deb
0cb65c2e64e33350351288008414700b290a522b 5220 ruby2.3-dbgsym_2.3.3-1+deb9u1_amd64.deb
6c44b7b4b0ffc85ce3e23a39e1aede5b6abf31d9 1178900 ruby2.3-dev_2.3.3-1+deb9u1_amd64.deb
35cee840c752b5a8c21087a475689b69def529b6 3511436 ruby2.3-doc_2.3.3-1+deb9u1_all.deb
0c0e7da85dc7ca1a14ff7e19b149131107eacd25 193490 ruby2.3-tcltk-dbgsym_2.3.3-1+deb9u1_amd64.deb
9a6bbf6b4b3c1c330b8be3d8e15e86ff8467fe0f 421470 ruby2.3-tcltk_2.3.3-1+deb9u1_amd64.deb
cc6a199ce58097ad7a2da07ea610be740a277043 10332 ruby2.3_2.3.3-1+deb9u1_amd64.buildinfo
9da59f9a6d4e24688e477b39780280ec2cc866ac 186954 ruby2.3_2.3.3-1+deb9u1_amd64.deb
Checksums-Sha256:
69185b16843692fe1395a94b91969b420393a51c31a6ffa7b6f6b45c92df7a9d 2500 ruby2.3_2.3.3-1+deb9u1.dsc
799796bb740832c7257f45089fdbd9cd57686cac033f88d0b078063b6d3d77ad 8359724 ruby2.3_2.3.3.orig.tar.xz
78376c991383f677a53a52f757304eb93c3acd3c5f825724c632d828414e032d 98172 ruby2.3_2.3.3-1+deb9u1.debian.tar.xz
793d427ef5ba758f6ecb82c76fabeee88c8946345ef9a721056725dc9034465d 4603116 libruby2.3-dbgsym_2.3.3-1+deb9u1_amd64.deb
10fb7c8406b1ba69ca185526269205be29eb3c29274ae2e7b418146b2f2f5d27 3108522 libruby2.3_2.3.3-1+deb9u1_amd64.deb
b774a20547be1556268b82106b4f245e501914d6df4a2259d2fd4c7cb05da264 5220 ruby2.3-dbgsym_2.3.3-1+deb9u1_amd64.deb
97b623e5c6c538a1c7120311a8e95d602f89005a7bc29f96026c5616756c3d32 1178900 ruby2.3-dev_2.3.3-1+deb9u1_amd64.deb
a97a93249672fb1e26d23fc7c1bf85fa0b586f2126f03f4d7c6aa3f182c01c76 3511436 ruby2.3-doc_2.3.3-1+deb9u1_all.deb
4268d6d3d6110cc1468ba85ffa732e692a318102a74a7122e26ebe88895504fc 193490 ruby2.3-tcltk-dbgsym_2.3.3-1+deb9u1_amd64.deb
5ec80cbf9b6e9346e06c7cd83ea16125a66b24948dab9267249273ed91dee11f 421470 ruby2.3-tcltk_2.3.3-1+deb9u1_amd64.deb
18463b0683fc134546ded092743e5be6f75ef363d7753514721fa001559d3803 10332 ruby2.3_2.3.3-1+deb9u1_amd64.buildinfo
f9bbea7a6f167d7f10c922a5d399a4936e3219e8b25beff9be851d1ee40a0aea 186954 ruby2.3_2.3.3-1+deb9u1_amd64.deb
Files:
0152ca7b75f4ed5612513e008f31f924 2500 ruby optional ruby2.3_2.3.3-1+deb9u1.dsc
c331a69a24e5ed52d7ccecf08e4ed5e8 8359724 ruby optional ruby2.3_2.3.3.orig.tar.xz
74e6dc3344da27ba22ed901f73fdefe4 98172 ruby optional ruby2.3_2.3.3-1+deb9u1.debian.tar.xz
8ea249602ed656ec0bb32cf064cf5d55 4603116 debug extra libruby2.3-dbgsym_2.3.3-1+deb9u1_amd64.deb
13b922ec34256c9d1b76cd23f8b36f61 3108522 libs optional libruby2.3_2.3.3-1+deb9u1_amd64.deb
3d40e233f9a45dc26e544a5acc2a4bc8 5220 debug extra ruby2.3-dbgsym_2.3.3-1+deb9u1_amd64.deb
e19763cc77af141ace5c139fd6cb84f4 1178900 ruby optional ruby2.3-dev_2.3.3-1+deb9u1_amd64.deb
39b9d578f359edfbb04150528afb589a 3511436 doc optional ruby2.3-doc_2.3.3-1+deb9u1_all.deb
dd71ad4d3a98959574a118cfb8c633a2 193490 debug extra ruby2.3-tcltk-dbgsym_2.3.3-1+deb9u1_amd64.deb
9d1a1ae5e09a8835623ee391fac2645c 421470 ruby optional ruby2.3-tcltk_2.3.3-1+deb9u1_amd64.deb
8624d37085286d702159d5a3785605a8 10332 ruby optional ruby2.3_2.3.3-1+deb9u1_amd64.buildinfo
77dcce2295af65a8d8f2c8b0efb49e31 186954 ruby optional ruby2.3_2.3.3-1+deb9u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEst7mYDbECCn80PEM/A2xu81GC94FAlmsm+sACgkQ/A2xu81G
C94mwBAAnCog4DRBL8dATLQt048SzDTbOctB7cnQO6xIFlI+5jflxFkfNwRLmn+v
KNWiNT2+6Wp6SIDT/kVRNNx0tQBlh6F92kURYiPt/EApL2JDiB+VMA37Qjx5QdPf
a27F/vxQ+vrPhk6ffCX3JOUQ3cVhWUVuZUsKs1X55bUOvdwx8LRRCcRExRtLfE6h
kMcoMsVJlwFQKqTaXI16nQvglZxTYA+pUbN6UJjnmIuFOuNlHk/nj3liU024UUYE
dT6s4i10JXb9XJ0/NLrBJb1Wggv0MLzfK/uxWEJFd2cb21O9X7L4RlY8Nx0LHbgg
KGXdMlujX/lrOqcPu2QoejPGnjg5w0vEXdtkgZdRHW8I5uWaBNRhzOwL6Zx0tMIH
NniovcBSfVqgeyNloWaBiaS8TfH3GDWk31fnOs6HUsToJmDSgpydiuLvhk6P35in
sbm1kq3v0msrW9NBTGirn/f/gQPiLxejAib6zX3IVj+GkNqmVm1zrE9y7HxTPOir
DQbEMuMa3SR5jdCLWr+yUuaSY3wpgoMM8fDYUuG/DXZHoQypuyR5X5Y+g6286gJh
xUgxu8YqGTRaglzG4OnVg2HgjdL3vvM5ztzHKAmEfwz4CmzAB8fHMmD/zYEPLUZB
fl6S/PO5GcrQJLG/6Vpu0YH8/wfbSfwNreEAeI55zW7/ISm8P3g=
=TRQN
-----END PGP SIGNATURE-----
Reply to: