Bug#882802: jessie-pu: package ruby-ox/2.1.1-2+b2
Control: tags -1 + pending
On Sun, 2017-11-26 at 23:28 +0100, Cédric Boutillier wrote:
> this update fixes bug #881445 [CVE-2017-15928]
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881445
> by cherrypicking a patch from upstream, to crash of the ruby
> interpreter
> on a parse error.
>
> Debdiff attached.
>
> As mentioned in
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882724#10
> since the debdiffs are identical for jessie and stretch,
> except for version numbers and suite, the upload to jessie will
> follow shortly this report.
>
Flagged for acceptance.
Regards,
Adam
Reply to: