Your message dated Thu, 22 Nov 2012 15:18:13 +0000
with message-id <[email protected]>
and subject line Bug#693024: fixed in ruby1.9.1 1.9.3.194-4
has caused the Debian Bug report #693024,
regarding ruby1.9.1: CVE-2012-5371
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
693024: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693024
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ruby1.9.1
Severity: grave
Tags: security
Justification: user security hole
Please see
http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/
Fix:
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=37600
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: ruby1.9.1
Source-Version: 1.9.3.194-4
We believe that the bug you reported is fixed in the latest version of
ruby1.9.1, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Antonio Terceiro <[email protected]> (supplier of updated ruby1.9.1 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 22 Nov 2012 10:30:37 -0300
Source: ruby1.9.1
Binary: ruby1.9.1 libruby1.9.1 libruby1.9.1-dbg ruby1.9.1-dev
libtcltk-ruby1.9.1 ruby1.9.1-examples ri1.9.1 ruby1.9.1-full ruby1.9.3
Architecture: source all amd64
Version: 1.9.3.194-4
Distribution: unstable
Urgency: high
Maintainer: akira yamada <[email protected]>
Changed-By: Antonio Terceiro <[email protected]>
Description:
libruby1.9.1 - Libraries necessary to run Ruby 1.9.1
libruby1.9.1-dbg - Debugging symbols for Ruby 1.9.1
libtcltk-ruby1.9.1 - Tcl/Tk interface for Ruby 1.9.1
ri1.9.1 - Ruby Interactive reference (for Ruby 1.9.1)
ruby1.9.1 - Interpreter of object-oriented scripting language Ruby
ruby1.9.1-dev - Header files for compiling extension modules for the Ruby 1.9.1
ruby1.9.1-examples - Examples for Ruby 1.9
ruby1.9.1-full - Ruby 1.9.1 full installation
ruby1.9.3 - Interpreter of object-oriented scripting language Ruby, version 1
Closes: 693024
Changes:
ruby1.9.1 (1.9.3.194-4) unstable; urgency=high
.
[ James Healy ]
* debian/patches/CVE-2012-5371.patch: avoid DOS vulnerability in hash
implementation, this fixes CVE-2012-5371. (Closes: #693024).
Checksums-Sha1:
f9c9d98fa041adb3f9298ef4623f5dedf5c11e12 1994 ruby1.9.1_1.9.3.194-4.dsc
b1e5ad144b74d689618ca89ad4c8a657c0a442ce 56783
ruby1.9.1_1.9.3.194-4.debian.tar.gz
b750811c9b0c211acfafddc0622ebc4cb98135ae 232776
ruby1.9.1-examples_1.9.3.194-4_all.deb
61053a0f2805a9a72909cca4668096bc50e70b5e 2172520 ri1.9.1_1.9.3.194-4_all.deb
c8ea4237d1f1477ca3b0660edbfe31ff689c5938 170840
ruby1.9.1-full_1.9.3.194-4_all.deb
ce10edc7aa513dfdca030d9f30dab0bdf110b4e0 171402 ruby1.9.3_1.9.3.194-4_all.deb
9118110fac6ec2372461b0f156f871fe8668468c 207740 ruby1.9.1_1.9.3.194-4_amd64.deb
a8cf8b224e20d3d094461ac2daadc6212a24af2e 4414378
libruby1.9.1_1.9.3.194-4_amd64.deb
009f098f8f0f7027ba5e4ea91594c5cdaacc3d22 4561212
libruby1.9.1-dbg_1.9.3.194-4_amd64.deb
d43539643e1596006a7df508ea7f165d72d45e75 1383976
ruby1.9.1-dev_1.9.3.194-4_amd64.deb
c2669af9a9a9245cae05d576c2a7965ae11bf5c4 1958998
libtcltk-ruby1.9.1_1.9.3.194-4_amd64.deb
Checksums-Sha256:
4a1cb9ad3eb4eaf36de9944952e442914adfb0a58182e9fa2e2c565ab6d27f20 1994
ruby1.9.1_1.9.3.194-4.dsc
6d4e28d841bf68788f6c95af198e0ff404b2cfd0af7b1f62acc80bdf7877027d 56783
ruby1.9.1_1.9.3.194-4.debian.tar.gz
2046539d39d6e80200ba6448c6d46a9251edf408712c8a8444c2c25975fc35ba 232776
ruby1.9.1-examples_1.9.3.194-4_all.deb
78f7ea127514d9fcb219b021b9659e5dd22184b848ac97a285b2ef7be2cf4e24 2172520
ri1.9.1_1.9.3.194-4_all.deb
5e28d785256b99ff90c45a5bb4fb94ca3fe0637d4e26aa3b0a9d71a51908bd39 170840
ruby1.9.1-full_1.9.3.194-4_all.deb
c407415eca1d947b4b363b343407f4b92dd1bd69c3d8e27b11bab54225f29c9d 171402
ruby1.9.3_1.9.3.194-4_all.deb
cff125309353528b24f670b170ae20ea57c3118c413ea8ef148474bf7f212105 207740
ruby1.9.1_1.9.3.194-4_amd64.deb
6adf5bba22608c72cb08184e4e954a782c00731dbc4ad6d96161af3c92d27c20 4414378
libruby1.9.1_1.9.3.194-4_amd64.deb
6297c1da2c5a16ac83f218739b9dd7775ed357650ae311cf218dfc70108083ef 4561212
libruby1.9.1-dbg_1.9.3.194-4_amd64.deb
24c4ed65300e2a98a413fbd4e43c2fc9e97e290606c8609263126d934490df2f 1383976
ruby1.9.1-dev_1.9.3.194-4_amd64.deb
14651a206d58436e8e8cc0020808ad2d3675a4cce352ee9c4dc763b0999442a7 1958998
libtcltk-ruby1.9.1_1.9.3.194-4_amd64.deb
Files:
608e4e0625996f9097ce6866cfe9a3d3 1994 ruby optional ruby1.9.1_1.9.3.194-4.dsc
0600097c0df04fca2cf531d44d786155 56783 ruby optional
ruby1.9.1_1.9.3.194-4.debian.tar.gz
4d303be2abaac7a9b2bd4931354fc811 232776 ruby optional
ruby1.9.1-examples_1.9.3.194-4_all.deb
74523cfdcb553a884b01216ea3ed7778 2172520 ruby optional
ri1.9.1_1.9.3.194-4_all.deb
f8836274884df3601b67d3b02d09b4e4 170840 ruby optional
ruby1.9.1-full_1.9.3.194-4_all.deb
0184aa840ea854174ffcf21d055a072a 171402 ruby optional
ruby1.9.3_1.9.3.194-4_all.deb
795365920dcc9df9c02008cfe91c000d 207740 ruby optional
ruby1.9.1_1.9.3.194-4_amd64.deb
4d6a8d767269341897c828f9be52b9c9 4414378 libs optional
libruby1.9.1_1.9.3.194-4_amd64.deb
66e672ae43a866cb17acf3bf65f2a997 4561212 debug extra
libruby1.9.1-dbg_1.9.3.194-4_amd64.deb
6e1003a5a420901b234110d37d1d24dc 1383976 ruby optional
ruby1.9.1-dev_1.9.3.194-4_amd64.deb
e19c4b493d88512390dcdea7f8b9ec23 1958998 ruby optional
libtcltk-ruby1.9.1_1.9.3.194-4_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlCuPVwACgkQDOM8kQ+cso8iiACeNJIK3BEVnfMiDI8KZG1TrhvR
VyIAn3/yTb1ZUTbnhBFBiBhhTtBtMXIf
=ea6l
-----END PGP SIGNATURE-----
--- End Message ---
