[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted rake 10.3.2-2+deb8u1 (source all) into oldoldstable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 26 Feb 2020 21:40:04 +0100
Source: rake
Binary: rake
Architecture: source all
Version: 10.3.2-2+deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Dylan Aïssi <daissi@debian.org>
Description:
 rake       - ruby make-like utility
Changes:
 rake (10.3.2-2+deb8u1) jessie-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2020-8130: Fix an OS command injection vulnerability in
       Rake::FileList when supplying a filename that begins with
       the pipe character `|`.
Checksums-Sha1:
 ab0e615b8cda22150be73f7c138d75471534b343 2169 rake_10.3.2-2+deb8u1.dsc
 85fb6843d83492c318bea3dcac70cfd9768800e8 130432 rake_10.3.2.orig.tar.gz
 3301f73c406f7b3eaffc9c168a4690ee7df8aa86 8536 rake_10.3.2-2+deb8u1.debian.tar.xz
 c335233fa49495aff504b30275e97225d00efeab 49202 rake_10.3.2-2+deb8u1_all.deb
Checksums-Sha256:
 d22a24bb91b81eef9a7ab38daa5a3c3f359428dcce92f0ed042d956b00f3bf72 2169 rake_10.3.2-2+deb8u1.dsc
 e8428af5ee7dbffa556ad296749079551ede9c0b4737e5115d063204cbebb0e7 130432 rake_10.3.2.orig.tar.gz
 aac803fda587ab93fcc8d2fe076e82cd4255f8d5501177594eb218768b62e685 8536 rake_10.3.2-2+deb8u1.debian.tar.xz
 fd15529187f784355685a64e54d1bbe0ecc660a9d645ff24b1e0c970b2cbfdc7 49202 rake_10.3.2-2+deb8u1_all.deb
Files:
 2a73ef12a8aafce269a0b45a06b49285 2169 ruby optional rake_10.3.2-2+deb8u1.dsc
 2005b4ecd01e372a89cab9ad4fd9c988 130432 ruby optional rake_10.3.2.orig.tar.gz
 2b92e0e51e8b85979fd5f10bbd9313e8 8536 ruby optional rake_10.3.2-2+deb8u1.debian.tar.xz
 732bd08ff637b43bec69d00c1729f5aa 49202 ruby optional rake_10.3.2-2+deb8u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEmjwHvQbeL0FugTpdYS7xYT4FD1QFAl5W4PwSHGRhaXNzaUBk
ZWJpYW4ub3JnAAoJEGEu8WE+BQ9U61UP/0pOlfsV5erbZuTh1P/WbSZtJ63SpChR
18iQtPpLVo26SDWzlK0b3X98NcIwn4Bl1qYEmEhHqX/paqjEo1dIhMV2q4f3PReR
OqPM85cu9/HtwVTGCwwwKICuhRgTCcctNi97FtZKClBmZP3b9zNdAN7YCqEXzKFX
zdweUrr4yFxexuaFIgTFs50Vi4JjbRcFs5KVYAyxk0rbOrZeyVCILruZP7z4OEYq
VR4JCKfihozFzT2SAOBEV+Ek1Ocz3umeaIuGLnnxPhNHAgCwsIO/ajU4ZnU7++OS
hpx/HcjKEchm+xnQicfe3wi2uVDgXdrgTDzu58sCIatG9wGzvlIuGsdEgrHAFNY1
BtHP66a425/abzNOl+nEdQrrh/S51rGk9tXepROgRk3zCc9axu7Qo+YdppupeAdI
fnzvv9lHltRHt+UwaF+6fQqhypbHg8U4IsrutIcclIjMS0yYHh3Sai6QxtKsfb1I
4bJlZgx+O1maeo0Z6UbPuwUAY7fOmWpcf/bnszBLCrGYDRTCcQYD/UcgeMpx++ZX
EW8gMK71jz3TaXFKiVep7cfhB0PcjI53L/oyG/a15TveH5IpjuDrltlZDrAh1TMv
i6DN+AH2sb1Y3y497H7f67voixYCSZxAKmUwLSMEOKLA7JLCfXflYru3UX71zulN
maCRKZoDI8JY
=qay4
-----END PGP SIGNATURE-----
Reply to: