Re: Security in sarge

To: debian-release@lists.debian.org
Subject: Re: Security in sarge
From: Andres Salomon <dilinger@voxel.net>
Date: Tue, 28 Sep 2004 02:13:45 -0400
Message-id: <pan.2004.09.28.06.13.44.779273@voxel.net>
References: <20040926120030.GA838@kyllikki.infodrom.north.de> <20040928004113.GD12464@kitenet.net>

On Mon, 27 Sep 2004 20:41:13 -0400, Joey Hess wrote:

> Martin Schulze wrote:
>> ruby 1.8.1+1.8.2pre1-4 needed, have 1.8.1-8 for DSA-537
> 
> This is fixed in ruby1.8 in testing; ruby itself is a dependency package.
> I don't know if ruby1.7 was/is vulnetable, do you?

Ruby1.7 (ie, ruby-beta) is most definitely vulnerable; both 1.6 and 1.8
had the problem.  However, ruby-beta should be hinted for removal
anyways.

Reply to:

Follow-Ups:
- Re: Security in sarge
  - From: Steve Langasek <vorlon@debian.org>

References:
- Re: Security in sarge
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Re: Security in sarge
Next by Date: Re: Security in sarge
Previous by thread: Re: Security in sarge
Next by thread: Re: Security in sarge
Index(es):
- Date
- Thread