Accepted ruby-rack 1.6.4-4+deb9u2 (source all) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 10 Jul 2020 16:48:01 +0530
Source: ruby-rack
Binary: ruby-rack
Architecture: source all
Version: 1.6.4-4+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Utkarsh Gupta <utkarsh@debian.org>
Description:
ruby-rack - modular Ruby webserver interface
Closes: 963477
Changes:
ruby-rack (1.6.4-4+deb9u2) stretch-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Add patch to use Dir.entries instead of Dir[glob] to prevent
user-specified glob metacharactersfix. (Fixes: CVE-2020-8161)
* When parsing cookies, only decode the values.
Patch utils to fix cookie parsing. (Fixes: CVE-2020-8184)
(Closes: #963477)
Checksums-Sha1:
ad72f4b2e6dbd5e2ee96cb86f7d58e5a1cecf629 2300 ruby-rack_1.6.4-4+deb9u2.dsc
638c3760d5d1efaf3c33e7d649e56bc766e065f5 232193 ruby-rack_1.6.4.orig.tar.gz
027496f0f01c33018290b85c7bd28541d6876ae3 7952 ruby-rack_1.6.4-4+deb9u2.debian.tar.xz
07e5dd86a4e85abf4c08499d200346e29674bbc4 88846 ruby-rack_1.6.4-4+deb9u2_all.deb
088555ec251426311175323966fdcd5725688146 7240 ruby-rack_1.6.4-4+deb9u2_amd64.buildinfo
Checksums-Sha256:
b1940047bafe28632b84f0771f195abc5e1900711c6ba3000fcaea319f8da9c6 2300 ruby-rack_1.6.4-4+deb9u2.dsc
ceee5dd5aa0b0e2f765085e7dc378dab993bb80632974ad753e606547c6babd0 232193 ruby-rack_1.6.4.orig.tar.gz
1b085ec4042def483ab2fe38d3ece6253cecb8b0322c2ff76be7f88c5b93fc86 7952 ruby-rack_1.6.4-4+deb9u2.debian.tar.xz
6d52655f31e0aac4cd1b566a43bd8b36abdf1a7c1a470169e56e846e3600ce21 88846 ruby-rack_1.6.4-4+deb9u2_all.deb
97ef851b8b32c4e184167db099a4ca2f7231bad824866bc2f385ca083f511d53 7240 ruby-rack_1.6.4-4+deb9u2_amd64.buildinfo
Files:
2679970889e5b4e03aaf58b38d1bf50e 2300 ruby optional ruby-rack_1.6.4-4+deb9u2.dsc
6c24629ae41942168fe2b36902cd8c49 232193 ruby optional ruby-rack_1.6.4.orig.tar.gz
d331f15c10c91b55ab376f44e81288bb 7952 ruby optional ruby-rack_1.6.4-4+deb9u2.debian.tar.xz
b48acb99a1fae3392cc1c776de033332 88846 ruby optional ruby-rack_1.6.4-4+deb9u2_all.deb
2a48f52e1a6ba595e007d40231cc422e 7240 ruby optional ruby-rack_1.6.4-4+deb9u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl8IVQwTHHV0a2Fyc2hA
ZGViaWFuLm9yZwAKCRCCPpZ2BsNLllUXEADpY2Qc5Ww3eJVvdpb+fcxyFXS0uFJE
tAV8CSu+E2Ydj0XYNoKuRKk1QkRC1HIHujjAwgtb9Klm7nt1K/5DdNK238CD4pCX
AmQN55i3vJESGyLk7IE9uMhdtJyXFYJclOYrw6Bzck0wJMkUXwbu1eS9D8RiHUaE
/zFrcFg9G0jfj0xEGqx+NsdSznk6Lot4K6PeS0MXC9730DR5w6uFlJ8XMS0LwXrb
sCqvRvB4RlRejkx0IotUbVOCH4ztB8XjKWSnciaI3mojFbLXO1Iwqwc9oONKHVvn
hBINW+E8/3h7bvhGXkRFs2Cj933VdELd4AVV8sG0cJadYue3BKhfNBfoEeRAy2mZ
PEvZTjv0T9bxMQ5JXd00htojOK1Q5XScee4PawrogLH2FpnO9yVopJsbxzQnMuUe
azlRiwFpP/2XhlWH+5cPMMvrGhdnESJAu3pYoPbx9CDL8S0kc1EgGPFx/67xH4OD
yFXYO3JhRm+bLuS74Q66K9ImEK/8xyYOAF/ryKO1SOVrLSCvElPKnCjRPertTqxY
3YiabIimcjZpbBz7bUYxqWlyafphyf8w79dslI6hh2Ssndq1Odu6h1V+Z7UVkUgk
x6OwwsMdLYCznt6nv6kRtyDUAtkTWc1Y78u2MrgzVRpNT7o6sqQsCOK1rhAzhXFP
fEy636olFxWWzQ==
=5EPr
-----END PGP SIGNATURE-----
Reply to: