Bug#741118: wheezy-pu: package ruby-passenger/3.0.13debian-1+deb7u2

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 741118@bugs.debian.org
Subject: Bug#741118: wheezy-pu: package ruby-passenger/3.0.13debian-1+deb7u2
From: Felix Geyer <fgeyer@debian.org>
Date: Wed, 12 Mar 2014 19:04:33 +0100
Message-id: <[🔎] 5320A1B1.2020403@debian.org>
Reply-to: Felix Geyer <fgeyer@debian.org>, 741118@bugs.debian.org
In-reply-to: <[🔎] 1394576206.4527.27.camel@jacala.jungle.funky-badger.org>
References: <[🔎] 20140308192507.6932.45753.reportbug@localhost6.localdomain6> <[🔎] 1394576206.4527.27.camel@jacala.jungle.funky-badger.org>

On 11.03.2014 23:16, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Sat, 2014-03-08 at 20:25 +0100, Felix Geyer wrote:
>> There is another minor security issue in ruby-passenger concerning
>> insecure usage of temp files.
>> CVE-2014-1831 and CVE-2014-1832 have been assigned for this issue.
>>
>> I'd like to fix those by backporting the relevant upstream commits,
>> see the attached debdiff.
> 
> Please go ahead; thanks.

Thanks, I've uploaded the package.

Cheers,
Felix

Reply to:

Follow-Ups:
- Bug#741118: wheezy-pu: package ruby-passenger/3.0.13debian-1+deb7u2
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#741118: wheezy-pu: package ruby-passenger/3.0.13debian-1+deb7u2
  - From: Felix Geyer <fgeyer@debian.org>
- Bug#741118: wheezy-pu: package ruby-passenger/3.0.13debian-1+deb7u2
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#741459: marked as done (release.debian.org: ignore SSL bug in ruby1.9.1 and ruby2.0)
Next by Date: Re: Bits from the Release Team: Architecture health check
Previous by thread: Bug#741118: wheezy-pu: package ruby-passenger/3.0.13debian-1+deb7u2
Next by thread: Bug#741118: wheezy-pu: package ruby-passenger/3.0.13debian-1+deb7u2
Index(es):
- Date
- Thread