Hi Ola, On Thu, May 26, 2016 at 11:27:42PM +0200, Ola Lundqvist wrote: > Hi ruby-activerecord-3.2 maintainer(s) and Debian LTS team > > This is my third package contribution to Debian LTS. I'm doing this as a > training exercise and this is why the maintainer have not been asked to > this for me. > > I have prepared an update of the ruby-activerecord-3.2 package with a fix > for > https://security-tracker.debian.org/tracker/CVE-2015-7577
While looking into CVE-2016-0753 of ruby-activemodel-3.2 I noticed that ruby-activerecord-3.2 is affected as well and not fixed with your proposed debdiff. I'm just looking into this atm and don't want to duplicate efforts. Cheers, -- Guido