Your message dated Sat, 07 Mar 2015 16:48:54 +0000 with message-id <e1yuhui-0003ug...@franck.debian.org> and subject line Bug#774748: fixed in redcloth 4.2.2-1.1+deb6u1 has caused the Debian Bug report #774748, regarding ruby-redcloth: CVE-2012-6684 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 774748: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774748 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ruby-redcloth Severity: grave Tags: security This was assigned CVE-2012-6684 (only recently, but since the bug was initially discovered in 2012, it received an ID from back then): http://co3k.org/blog/redcloth-unfixed-xss-en Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: redcloth Source-Version: 4.2.2-1.1+deb6u1 We believe that the bug you reported is fixed in the latest version of redcloth, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 774...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thorsten Alteholz <deb...@alteholz.de> (supplier of updated redcloth package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 07 Mar 2015 17:10:02 +0100 Source: redcloth Binary: libredcloth-ruby libredcloth-ruby-doc libredcloth-ruby1.8 libredcloth-ruby1.9.1 Architecture: source all i386 Version: 4.2.2-1.1+deb6u1 Distribution: squeeze-lts Urgency: high Maintainer: Dmitry Borodaenko <angdr...@debian.org> Changed-By: Thorsten Alteholz <deb...@alteholz.de> Description: libredcloth-ruby - Textile module for Ruby libredcloth-ruby-doc - Textile module for Ruby documentation libredcloth-ruby1.8 - Textile module for Ruby 1.8 libredcloth-ruby1.9.1 - Textile module for Ruby 1.9.1 Closes: 774748 Changes: redcloth (4.2.2-1.1+deb6u1) squeeze-lts; urgency=high . * Non-maintainer upload by the Squeeze LTS Team. * 0001-Filter-out-javascript-links-when-using-filter_html-o.patch: filter javascript: links when proper HTML sanitization options are turned on (Closes: #774748 [CVE-2012-6684]) Checksums-Sha1: 4338d99a2466308c5c4c7fa3f52f2007246b5b87 2027 redcloth_4.2.2-1.1+deb6u1.dsc c53ce1d6061b825a584f68ff7ed2e40c93fd7931 94411 redcloth_4.2.2.orig.tar.gz 66e58350e5755fd1e6c43ca914dc225cc7599436 4307 redcloth_4.2.2-1.1+deb6u1.diff.gz b8750e27f5d5a0e8155110bbc30a0918ca78d6f9 7976 libredcloth-ruby_4.2.2-1.1+deb6u1_all.deb 2ba3ad630d90257dd45d754a03471df828b29cf6 32872 libredcloth-ruby-doc_4.2.2-1.1+deb6u1_all.deb 01e9fb3dedfb62ebf00f74894aa77b275138481d 126062 libredcloth-ruby1.8_4.2.2-1.1+deb6u1_i386.deb 6cfbae6761d040e96cc4a68e5f1f447c82558268 134988 libredcloth-ruby1.9.1_4.2.2-1.1+deb6u1_i386.deb Checksums-Sha256: 47e6f175667ff4e70fcf523279031830d4500ff60d01543bfcbc1af406afd0c1 2027 redcloth_4.2.2-1.1+deb6u1.dsc e89bd44b97b12bab115957800a26905ee695dda50d2b6629348328d79f331f84 94411 redcloth_4.2.2.orig.tar.gz c561c0452d6ad9b0caf32d8f1a29166d7beabd5e69a93e26e1c46d8a8fc3dae3 4307 redcloth_4.2.2-1.1+deb6u1.diff.gz 746994bffab491d93f064c48824ca5320292b0115593db521b55ac9823b8dc2c 7976 libredcloth-ruby_4.2.2-1.1+deb6u1_all.deb 313b1a3f8281d7641a4ba482e1c44b16b7a6d9d056a192dd7aa64d2346af108c 32872 libredcloth-ruby-doc_4.2.2-1.1+deb6u1_all.deb 6ce8bd94078c4ec24b7fad2267c365961b91d9c9b18755bb973b6cefd2f749b4 126062 libredcloth-ruby1.8_4.2.2-1.1+deb6u1_i386.deb 0220f22c7584e02892a635476277a8f4a879205353f109a29a83c13ba8862bbd 134988 libredcloth-ruby1.9.1_4.2.2-1.1+deb6u1_i386.deb Files: 43105aa929accea759a79113daf9b9b5 2027 ruby optional redcloth_4.2.2-1.1+deb6u1.dsc 2abd585947170606d37a057319e7076f 94411 ruby optional redcloth_4.2.2.orig.tar.gz 11afd5e90b300f1bb41b61f1ca3d8d76 4307 ruby optional redcloth_4.2.2-1.1+deb6u1.diff.gz 4b0ef2ab748016933dfbb023762f6b93 7976 ruby optional libredcloth-ruby_4.2.2-1.1+deb6u1_all.deb 7b36b6295a5ed74c68a2d6379c132a75 32872 doc optional libredcloth-ruby-doc_4.2.2-1.1+deb6u1_all.deb 734dfdde0b876a40f832617071458613 126062 ruby optional libredcloth-ruby1.8_4.2.2-1.1+deb6u1_i386.deb 4ae4ad655dbd61f0936153b2dd0afa94 134988 ruby optional libredcloth-ruby1.9.1_4.2.2-1.1+deb6u1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJU+yi3XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHxhcQAJp4USyTOKzlrEVQgFo/nnMA qCp8r4Vm4ef5rgEtbRuoBxklKWD8s7sNSMWfJs8FOMN0bscYGcRJBT9fbbDMXjLw fsecNHNaCmSoSuzgzryvG6GlQ8WapyR9E96JPWJdOVSa3PQsbK+f9Fm70TtlsL02 /2ho/glrQFgXJBslx33O0g022Kt7NbO+F3LzaHImmKCRIco6fUuL5xmbMVfrgqo2 j0y5BfGhf23EJC4F2TICT9htYaVijeV7ANeshKd792mVVE4h7wtXnBOY3eUU7FfC dCxDgvCrR+NbUfTYdNoQIramAMdIRc0JVUO/pA7XOlFZ+FAW7WTAIKC8f8i/P82B Ou/WTHO1sHbwPcmH1vsCGh61Nr7XvYk9Z474ZG7TAzPRKGAj4QEstB30APGhpEAg aYy9yFZcxPJ9yhlH7yyg5uKpF+LAmu085OQLyOqcD5tYear+yc12OvBzo8vHGTZB 4JvUMyDG/8eEhoFdwooqQWwTGy8/Vti7YNh9WK4wZLEGLz7yu5708hKKqVWrjTaX hAlUp7ua+h43SbHu1/h1HBWufzE9LIlr7p1D87IXmO1lPvyr2UP0xSAomor8rxb6 oP2AI80kJHfFE2nTQXGjBMfk2heNjHcBPe2iKSRDeBN3SPDklONkjJDRyHMWckuD i/SbLaPfrFK7GTTNL3ZO =4qgN -----END PGP SIGNATURE-----
--- End Message ---
