[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Regression in stretch update of ruby-activerecord 2:5.2.2.1+dfsg-1+deb10u4



Hi,

On Tue, 13 Sep 2022, Abhijith PA wrote:
> > Yes, that'd make sense. I'll start a separate thread for
> > CVE-2022-32224. Roll back for now so there's no regression at least.
> 
> I've disabled patch for CVE-2022-32224. Also tested against redmine. 
> Looks good for me. Can you give a smoke test. I will upload to 
> archive.
> 
> https://people.debian.org/~abhijith/upload/fix_rails/

I upgrade to this package and the debci API is working. So from my point
of view, the regression is gone.

Don't forge to update security tracker so that CVE-2022-32224 is again
marked as unhandled.

Cheers,
-- 
  ⢀⣴⠾⠻⢶⣦⠀   Raphaël Hertzog <hertzog@debian.org>
  ⣾⠁⢠⠒⠀⣿⡁
  ⢿⡄⠘⠷⠚⠋    The Debian Handbook: https://debian-handbook.info/get/
  ⠈⠳⣄⠀⠀⠀⠀   Debian Long Term Support: https://deb.li/LTS


Reply to: