Bug#925604: unblock: ruby-doorkeeper-openid-connect/1.5.5-1

To: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Cc: 925604@bugs.debian.org
Subject: Bug#925604: unblock: ruby-doorkeeper-openid-connect/1.5.5-1
From: Ivo De Decker <ivodd@debian.org>
Date: Sat, 30 Mar 2019 17:11:26 +0100
Message-id: <[🔎] 20190330161124.3n37ygpvs4g5gcly@debian.org>
Reply-to: Ivo De Decker <ivodd@debian.org>, 925604@bugs.debian.org
In-reply-to: <[🔎] CAPP0f94zFLkgeSmyxjDZ+6abGqPSVQwKsHbNNn7V1JmRYmiTPw@mail.gmail.com>
References: <[🔎] CAPP0f94zFLkgeSmyxjDZ+6abGqPSVQwKsHbNNn7V1JmRYmiTPw@mail.gmail.com> <[🔎] CAPP0f94zFLkgeSmyxjDZ+6abGqPSVQwKsHbNNn7V1JmRYmiTPw@mail.gmail.com>

Control: tags -1 moreinfo

Hi,

On Wed, Mar 27, 2019 at 07:11:57PM +0530, Utkarsh Gupta wrote:
> Please unblock package ruby-doorkeeper-openid-connect.
> 
> There was a CVE bug (#924747) reported against the package with severity:
> grave.
> It was reported on 16th March and was resolved in the latest upload, which was
> on 24th March.
> Thus, requesting you to please unblock the same and let it be a part of Buster,
> as was going to :)

This upload seems to include a number of changes other than the fix for the
security issue. This doesn't seem to comply with the freeze policy. Perhaps
you can clarify the changes. Otherwise, please revert the upload and upload a
targeted fix for this issue.

Thanks,

Ivo

Reply to:

References:
- Bug#925604: unblock: ruby-doorkeeper-openid-connect/1.5.5-1
  - From: Utkarsh Gupta <guptautkarsh2102@gmail.com>

Prev by Date: NEW changes in stable-new
Next by Date: Processed: Re: unblock: ruby-doorkeeper-openid-connect/1.5.5-1
Previous by thread: Bug#925604: unblock: ruby-doorkeeper-openid-connect/1.5.5-1
Next by thread: Processed: Re: unblock: ruby-doorkeeper-openid-connect/1.5.5-1
Index(es):
- Date
- Thread