Accepted ruby-redcloth 4.3.2-3+deb10u1 (source) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 06 Jul 2023 15:00:33 +0000
Source: ruby-redcloth
Architecture: source
Version: 4.3.2-3+deb10u1
Distribution: buster-security
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Changes:
ruby-redcloth (4.3.2-3+deb10u1) buster-security; urgency=medium
.
* Non-maintainer upload by the LTS Security Team.
* Fix CVE-2023-31606: Regular Expression Denial of Service (ReDoS)
issue was discovered in the sanitize_html function of redcloth.
This vulnerability allows attackers to cause a Denial of
Service (DoS) via supplying a crafted payload.
Checksums-Sha1:
3dd64a34430da4126f5e9fb5f2a0f187400729ed 2138 ruby-redcloth_4.3.2-3+deb10u1.dsc
7c1706784c0835008c781c407af309a5065dac1b 91880 ruby-redcloth_4.3.2.orig.tar.gz
7725f823b680edc5da44e71db1a1ce7573681108 6800 ruby-redcloth_4.3.2-3+deb10u1.debian.tar.xz
4c49adc9d8407ba650bd05f0e3b354486a7e2050 9790 ruby-redcloth_4.3.2-3+deb10u1_amd64.buildinfo
Checksums-Sha256:
a39cde18e7d48979d5ab6ff18de0d4c4a0f401bcd75898b09d910ec62d16d837 2138 ruby-redcloth_4.3.2-3+deb10u1.dsc
fbfc709ef742f962896e1cd063b8bd828bdc0ddce36755edbe493cd3231ea850 91880 ruby-redcloth_4.3.2.orig.tar.gz
2fd77c6390d751a0eb899733c1b51beef12d85e12e18726ce33277124857f8c6 6800 ruby-redcloth_4.3.2-3+deb10u1.debian.tar.xz
db68de98b647135e3a3668fdd6b38ca17daec7f198cc8aef584e6bf1f2e178e6 9790 ruby-redcloth_4.3.2-3+deb10u1_amd64.buildinfo
Files:
c2314384eb6f87daea468cc891e2baae 2138 ruby optional ruby-redcloth_4.3.2-3+deb10u1.dsc
ef305724e95b4cbdfbaa085ac2d956c1 91880 ruby optional ruby-redcloth_4.3.2.orig.tar.gz
ddb3e5d9e3d2b15098540de82a8bc4bf 6800 ruby optional ruby-redcloth_4.3.2-3+deb10u1.debian.tar.xz
9a390872aaddf5f473626a3facb5f497 9790 ruby optional ruby-redcloth_4.3.2-3+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmSm2LkRHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF+0CA//Q/oP4eLx+Gu0xchYf+l02/JIkEcMDwLT
zNEt1NaP26+rM/XHoApqFnl87YpnXCCNUw+qCVBTKpxtHr3aozsf2JBt6qmxj871
h1MibGWe/QmmvSsjL8Y8lAg2Jp9bP777vX6K364ziqJKAQ8rCHhiH1SNzxs3vnmu
Vwi1VzWnm2tQsq3eh5wnW2zRC9YHGlqfxt+g2JE0UqZ0pkFCJUejk2H0vzgjsQsL
L846ZHkaUIK0Wksg5W8a4tIEQs2eJNCXFZiKAUxsD57a3+ocr1n9sDHgShetwJlp
IG6wgpJquTS1L3pTLY8rywu80+TLRtsyapjv6X9fZSsNwmxH42nCYPrjQO5uDItc
2BaSTfIHcf8TQ+OvW2konV4ddHYwc5SDyeTQu+SdveGMzFUhg5wzW1YStoZHqJSh
hVS3L2f1P3Xtyl5bFSkGMk9ep47u7ThhjGcX3PyEEfqjpO06+0DrBASKOTvBwiQV
lXSYvJRxryTib1ESRixRCJMvjqh9hFPts7+ZTlcvkvE+ZKbqJagK5L20Czpr7py9
BHcKGT/U1+rVCUacnUL4LxuT5TQx+dtynYt8my2mWoh+Nr4bQ9Jmo50bTr2ARUhP
8qQ3ATaeiCyt4pVurBI8QXrvstLC0g3wvIij3vffnUrxbXYBDuku+L/lJVYue8kI
i9C2+9tEZeU=
=v4sZ
-----END PGP SIGNATURE-----
Reply to: