Re: Issues regarding ruby-rack/CVE-2019-16782

To: "Debian LTS" <debian-lts@lists.debian.org>, "Debian Security Team" <team@security.debian.org>
Subject: Re: Issues regarding ruby-rack/CVE-2019-16782
From: "Chris Lamb" <lamby@debian.org>
Date: Thu, 19 Dec 2019 18:45:02 +0000
Message-id: <[🔎] 7e622ce3-8327-40cf-9588-fbc7a9001e8f@www.fastmail.com>
In-reply-to: <[🔎] 5cfc2ed4-5b07-1b2c-5997-4b104e281491@gmail.com>
References: <[🔎] 5cfc2ed4-5b07-1b2c-5997-4b104e281491@gmail.com>

Hi Utkarsh,

> Please don't yet patch CVE-2019-16782 for Buster, Stretch, Jessie, et al.
> This security update induces a regression, resulting in some issues in
> using the library.

I see your note in data/dla-needed.txt but may I suggest "reserving"
ruby-rack there to avoid any chance of it being released by someone
else?


Best wishes,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org 🍥 chris-lamb.co.uk
       `-

Reply to:

References:
- Issues regarding ruby-rack/CVE-2019-16782
  - From: Utkarsh Gupta <guptautkarsh2102@gmail.com>

Prev by Date: Issues regarding ruby-rack/CVE-2019-16782
Next by Date: Re: Bug#947045: undefined symbol in libpixbufloader-tiff.so: g_uint_checked_mul
Previous by thread: Issues regarding ruby-rack/CVE-2019-16782
Next by thread: Re: Bug#947045: undefined symbol in libpixbufloader-tiff.so: g_uint_checked_mul
Index(es):
- Date
- Thread