Re: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)

To: Georg Faerber <georg@riseup.net>
Cc: security@debian.org, debian-ruby@lists.debian.org
Subject: Re: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 22 Mar 2018 17:23:48 +0100
Message-id: <[🔎] 20180322162348.GA25195@inutil.org>
In-reply-to: <[🔎] 20180322162115.GM2961@debian>
References: <[🔎] 20180321223557.GE2961@debian> <[🔎] 20180322000423.GA8457@esfahan> <[🔎] 20180322162115.GM2961@debian>

On Thu, Mar 22, 2018 at 05:21:15PM +0100, Georg Faerber wrote:
> Dear security team,
> 
> I would like to fix CVE-2018-8048, which is currently present in
> ruby-loofah 2.0.3-2 in stretch. Do you prefer an "straight" upload done
> by you, or should this be instead an upload via stretch-pu?
> 
> In any case, I'll prepare a patch.

Thanks. I think we should fix this via security.debian.org

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Re: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
  - From: Georg Faerber <georg@riseup.net>

References:
- RFS: ruby-loofah 2.2.1-1 (CVE-2018-8048)
  - From: Georg Faerber <georg@riseup.net>
- Re: RFS: ruby-loofah 2.2.1-1 (CVE-2018-8048)
  - From: Cédric Boutillier <boutil@debian.org>
- ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
  - From: Georg Faerber <georg@riseup.net>

Prev by Date: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
Next by Date: Re: RFS: ruby-loofah 2.2.1-1 (CVE-2018-8048)
Previous by thread: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
Next by thread: Re: ruby-loofah 2.0.3-2 (stretch) update (CVE-2018-8048)
Index(es):
- Date
- Thread