[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#712765: marked as done (ITP: ruby-safe-yaml -- Safe implementation of YAML.load)

Your message dated Thu, 20 Jun 2013 11:08:39 +0200
with message-id <20130620090839.GA30206@debian.org>
and subject line bug 712765 is ITP for package ruby-safe-yaml already in Debian
has caused the Debian Bug report #712765,
regarding ITP: ruby-safe-yaml -- Safe implementation of YAML.load
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
712765: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712765
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: wnpp
Severity: wishlist
Owner: Stig Sandbeck Mathisen <ssm@debian.org>

* Package name    : ruby-safe-yaml
  Version         : 0.9.2
  Upstream Author : Dan Tao <daniel.tao@gmail.com>
* URL             : https://github.com/dtao/safe_yaml
* License         : MIT
  Programming Lang: Ruby
  Description     : Safe implementation of YAML.load

The SafeYAML gem provides an alternative implementation of YAML.load suitable
for accepting user input in Ruby applications. Unlike Ruby's built-in
implementation of YAML.load, SafeYAML's version will not expose apps to
arbitrary code execution exploits.

(The safe_yaml gem was vendored into puppet to fix a recent vulnerability.  The
packaging of this gem should help this situation.)

--- End Message ---
--- Begin Message --- 
Hi,

I'm closing this bug because this package is already in Debian: http://packages.qa.debian.org/ruby-safe-yaml

Regards.

--- End Message ---
Reply to: