Accepted rails 2:4.2.7.1-1+deb9u4 (source) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 09 Oct 2020 18:46:59 +0200
Source: rails
Binary: ruby-activesupport ruby-activerecord ruby-activemodel ruby-activejob ruby-actionview ruby-actionpack ruby-actionmailer ruby-railties ruby-rails rails
Architecture: source
Version: 2:4.2.7.1-1+deb9u4
Distribution: stretch-security
Urgency: high
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
rails - MVC ruby based framework geared for web application development (
ruby-actionmailer - email composition, delivery, and receiving framework (part of Rai
ruby-actionpack - web-flow and rendering framework putting the VC in MVC (part of R
ruby-actionview - framework for handling view template lookup and rendering (part o
ruby-activejob - job framework with pluggable queues
ruby-activemodel - toolkit for building modeling frameworks (part of Rails)
ruby-activerecord - object-relational mapper framework (part of Rails)
ruby-activesupport - Support and utility classes used by the Rails 4.1 framework
ruby-rails - MVC ruby based framework geared for web application development
ruby-railties - tools for creating, working with, and running Rails applications
Changes:
rails (2:4.2.7.1-1+deb9u4) stretch-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Fix CVE-2020-15169:
There is a potential Cross-Site Scripting (XSS) vulnerability in Action
View's translation helpers. Views that allow the user to control the
default (not found) value of the `t` and `translate` helpers could be
susceptible to XSS attacks. When an HTML-unsafe string is passed as the
default for a missing translation key named html or ending in _html, the
default string is incorrectly marked as HTML-safe and not escaped.
Checksums-Sha1:
c1e69aeda0d3c78018ecb86bd672191b1e8c0ada 3670 rails_4.2.7.1-1+deb9u4.dsc
5969f2bef3d0b4f873b3b7361b3d97d8f48a7d41 97260 rails_4.2.7.1-1+deb9u4.debian.tar.xz
6c3a5de229b425b749f194b466fb770e7528ec41 11484 rails_4.2.7.1-1+deb9u4_amd64.buildinfo
Checksums-Sha256:
745e46898499ac29f98fdb20397990b5a146652d497d2be9337fb82bb96f0a30 3670 rails_4.2.7.1-1+deb9u4.dsc
d86137979a5117d96f559f1f16e64b71869b2071c563c95d9ea15b7b83380742 97260 rails_4.2.7.1-1+deb9u4.debian.tar.xz
7d6688ab66aea0c6e30c47a82baa31ed45938c4be6360253813efceac188d276 11484 rails_4.2.7.1-1+deb9u4_amd64.buildinfo
Files:
aafad2fddd73d28cbb01d788c779cc7b 3670 ruby optional rails_4.2.7.1-1+deb9u4.dsc
e9c83a68ac7863c333a8d4def7e20d95 97260 ruby optional rails_4.2.7.1-1+deb9u4.debian.tar.xz
f889c36a9f037c6acf70368487614bef 11484 ruby optional rails_4.2.7.1-1+deb9u4_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl+AnlRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkYfYQAIQiOsJ8USeGkmfuM/cI1gI2yViBJIbnA0C4
xpGQpZdz0g7uS/B8yisTjFg2f0Z9bqBHtu1cV8neF9d5b9YXZ7L13jMxCYnVvrtq
Oyai8EGHORudlsjQN/xR/0ySUizKR2gcJgAHk2RIdMpv4q2A+PVbmpuRcq0iqQAL
6WJ3TT6D0HQTMVgAvwwaozAU1dPGbh/BZulpXVFSJ72ReWuZd89aFSQT+zgFEj8n
SvSlDg+xb7CIUbI0PPaIU1Va2VckCkuXlA5/mAktyuhxob7TE5R1LsDt/jnl9D1P
rtu+6TNsr25NHCjCXUUDAeA4RagldEnocqgmFpJvbPVvKAXwL84iXRe6Nsm5daZ1
TJCetXIcObIyfN2n8355goti3yaxzgPY0Rr07KdMroOU9PFOI89CZYLSBnxZ3LZB
XFgm+Yiy7Td17TNKeQkvCQknXZ7OFQfoDUpbFESUseDp3ado/KB56rmA+X/AP6Z4
e7iJ4B+Nnk5AMvwWfgMOWB1gLqWPlvczS7/Xr4br6isT144/BgS4QzTU/LiFFSYA
haBx+gr7KNWz20MEk4Kd/tIu8t5S0tbP2Awv7lALADVsY1IEYlgPW6pxNEADogtz
T3STF+CaBirDzA2yUE3VB0EFHvPb4WiEACoaU1fhyRqabSe12brmrgEyDn8QFAYV
Tb+Urlwt
=KAMP
-----END PGP SIGNATURE-----
Reply to: