Bug#712765: ITP: ruby-safe-yaml -- Safe implementation of YAML.load

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#712765: ITP: ruby-safe-yaml -- Safe implementation of YAML.load
From: Stig Sandbeck Mathisen <ssm@redpill-linpro.com>
Date: Wed, 19 Jun 2013 11:53:55 +0200
Message-id: <[🔎] 20130619095355.571.66065.reportbug@turbotape.w.bitbit.net>
Reply-to: Stig Sandbeck Mathisen <ssm@redpill-linpro.com>, 712765@bugs.debian.org

Package: wnpp
Severity: wishlist
Owner: Stig Sandbeck Mathisen <ssm@debian.org>

* Package name    : ruby-safe-yaml
  Version         : 0.9.2
  Upstream Author : Dan Tao <daniel.tao@gmail.com>
* URL             : https://github.com/dtao/safe_yaml
* License         : MIT
  Programming Lang: Ruby
  Description     : Safe implementation of YAML.load

The SafeYAML gem provides an alternative implementation of YAML.load suitable
for accepting user input in Ruby applications. Unlike Ruby's built-in
implementation of YAML.load, SafeYAML's version will not expose apps to
arbitrary code execution exploits.

(The safe_yaml gem was vendored into puppet to fix a recent vulnerability.  The
packaging of this gem should help this situation.)

Reply to:

Follow-Ups:
- Bug#712765: ITP: ruby-safe-yaml -- Safe implementation of YAML.load
  - From: Cédric Boutillier <cedric.boutillier@gmail.com>
- Bug#712765: marked as done (ITP: ruby-safe-yaml -- Safe implementation of YAML.load)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Processed: ITP: ruby-notify -- desktop notification on cross platforms
Next by Date: Bug#712679: ITP: mrs -- Complete Information Retrieval System for Biomedical databanks
Previous by thread: Processed: ITP: ruby-notify -- desktop notification on cross platforms
Next by thread: Bug#712765: ITP: ruby-safe-yaml -- Safe implementation of YAML.load
Index(es):
- Date
- Thread