Your message dated Sun, 1 May 2016 23:27:53 +0200 with message-id <20160501212753.GK91435@sx> and subject line Re: #762739: CVE-2013-0334 has caused the Debian Bug report #762739, regarding [CVE-2013-0334] Ruby dependency manager Bundler may install gems from a different source than expected to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 762739: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762739 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: bundler Version: 1.1.4-6 Severity: important Tags: security upstream patch fixed-upstream Hi there, the following vulnerability was published for bundler: CVE-2013-0334: Ruby dependency manager Bundler may install gems from a different source than expected If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: http://www.openwall.com/lists/oss-security/2014/09/24/9 http://bundler.io/blog/2014/08/14/bundler-may-install-gems-from-a-different-source-than-expected-cve-2013-0334.html Please adjust the affected versions in the BTS as needed. Regards, luciano
--- End Message ---
--- Begin Message ---Closing, given a fixed bundler is in stable and newer. Thanks, -- ,''`. Christian Hofstaedtler <[email protected]> : :' : Debian Developer `. `' 7D1A CFFA D9E0 806C 9C4C D392 5C13 D6DB 9305 2E03 `-
--- End Message ---
