[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted ruby-actionpack-page-caching 1.0.2-4+deb9u1 (source) into oldstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 23 Jul 2021 17:32:20 +0200
Source: ruby-actionpack-page-caching
Binary: ruby-actionpack-page-caching
Architecture: source
Version: 1.0.2-4+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
 ruby-actionpack-page-caching - static page caching for Action Pack (removed from core in Rails 4
Changes:
 ruby-actionpack-page-caching (1.0.2-4+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2020-8159: there is a vulnerability in actionpack_page-caching gem
     < v1.2.1 that allows an attacker to write arbitrary files to a web
     server, potentially resulting in remote code execution if the attacker
     can write unescaped ERB to a view.
   * Drop example tests/control.ex as recommended by said file.
Checksums-Sha1:
 03a4a09e6cb53583bf4dd9b061753c6c801f9d77 2343 ruby-actionpack-page-caching_1.0.2-4+deb9u1.dsc
 4289663f555886ad96c68ac61ee3c69fec6d6f0c 8493 ruby-actionpack-page-caching_1.0.2.orig.tar.gz
 7d2a58a72cefcafa0fc0c5c22474ad7d3ebc3da9 4732 ruby-actionpack-page-caching_1.0.2-4+deb9u1.debian.tar.xz
 e770e9e1ce8894177793c9ce23c501c2ebcf5ab8 7659 ruby-actionpack-page-caching_1.0.2-4+deb9u1_all.buildinfo
Checksums-Sha256:
 1f9d0d0ca0ca5f306219a014ec8c1a7d1b22cc80d414d9e52759ff49ef96e838 2343 ruby-actionpack-page-caching_1.0.2-4+deb9u1.dsc
 65b27bd5c8c9c322c66a7642975c0766196ef4c00383b738d91c179f2506af2e 8493 ruby-actionpack-page-caching_1.0.2.orig.tar.gz
 782fffc827f9d943555405f6a6800b04a64ee2778b4b9c3e2d1b83481a475556 4732 ruby-actionpack-page-caching_1.0.2-4+deb9u1.debian.tar.xz
 deca212058015f00f5e8258ddc731b1147862ab155ec4b3645d042bbfeda69e6 7659 ruby-actionpack-page-caching_1.0.2-4+deb9u1_all.buildinfo
Files:
 c0c2a9b3f4707ea5f809427799e6a89d 2343 ruby optional ruby-actionpack-page-caching_1.0.2-4+deb9u1.dsc
 3150694c90fcff6e75c151b55a9b0dcd 8493 ruby optional ruby-actionpack-page-caching_1.0.2.orig.tar.gz
 12cf29277ba30d8df680a6dda5eb4ee8 4732 ruby optional ruby-actionpack-page-caching_1.0.2-4+deb9u1.debian.tar.xz
 e13cd2d156ffa0acd4d7419ea460b5df 7659 ruby optional ruby-actionpack-page-caching_1.0.2-4+deb9u1_all.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmD65ZwACgkQDTl9HeUl
XjDCcQ//YT6fh2IPakP6GCKpj8syn7B9zM/bUyg0kzfL7QwfSWaN0JmG84kN+HRb
F5WZWDRTiKtWvLG3w9XN2egvAnQzj7fDxfBdmJCckgO8ZcKxIDKfhXXHkLgPZqZO
vqdQjh6cV2IJ6C27bOVB9ziVVrtprFEOHZJpmw7GbBqk31jrpkB/XDMISwb3YgKh
h1WxTO2H2K4vUjhHFENTb6t6Vm2nwCpZw+nuqt7A26FOQzX2qMUqotrbPclrEyiL
b0++lm7+AmUtg63pVO2gA1YpDU48cb7oAfdoFmNFzR+yNuVCp8Clij6cwm6WRucx
3PULAEQkiD7lEGXim2HYu79xBLqH2BIsuGygxiCMSx+kIdwo1sEB/yLyEbwL6yK0
TVQaWFHIlztkS+xzj5L8AiIy3VbLa893W2WotSMBdMeltleH77/hNVtf4CPi2Ip8
GzF1b9vhq4kN74FLo/hyM6aNM1ifkvWnJAXRt6lP+s/tzMYf2VylBf96CWVey1gB
JWRXaBn3PMhLkIuSUcaSrOb9asRKrletYteIjQAnCMi8Q3d28qbhgDUZIkXhy+vH
z+32iBonirs73+LZ6fT4G2H6syb3mrR+T8uSCMz7KV30rO9qstiaCNE27TdzDh3A
SVdxO3C3m/JkA/QPbZmFo6eEShm7gUM6PPYbkgBMryFHQKx+GTg=
=FViU
-----END PGP SIGNATURE-----


Reply to: