ruby1.9.1 test packages for wheezy

To: Debian LTS <debian-lts@lists.debian.org>
Subject: ruby1.9.1 test packages for wheezy
From: "Santiago R.R." <santiagorr@riseup.net>
Date: Tue, 10 Apr 2018 23:55:41 +0200
Message-id: <[🔎] 20180410215541.GB31924@novelo>

Hi,

I have uploaded test packages of ruby1.9.1 to my personal repo:

    deb https://people.debian.org/~santiago/debian santiago-wheezy-security/
    deb-src https://people.debian.org/~santiago/debian santiago-wheezy-security/

It would be great to have feedback from it, especially because:
This package includes fixes to WEBrick-related CVEs (CVE-2017-17742 and
CVE-2018-8777). Upstream considers that one the of revision changes, r62965
in [1], could break apps during authentication, if apps "want to do
something with the body besides calculating the MD5 digest of it."

[1] https://github.com/ruby/ruby/commit/a45622669bb1ff18d3ee9b411128acd839c4263e


To install the packages from the repository you will need to:

    apt-get install apt-transport-https

and import my key used to sign the package:

    wget -qO - https://people.debian.org/~santiago/0x4BC80A69432387E8-santiago.key \ 
       | sudo apt-key add -

Cheers,

 -- Santiago

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: ruby1.9.1 test packages for wheezy
  - From: Antoine Beaupré <anarcat@orangeseeds.org>

Prev by Date: Re: libgcrypt11 same issue? Was: Re: [SECURITY] [DLA 1283-1] python-crypto security update
Next by Date: Re: rubygems / CVE-2018-1000074
Previous by thread: My Debian LTS activities in March 2018
Next by thread: Re: ruby1.9.1 test packages for wheezy
Index(es):
- Date
- Thread