Your message dated Thu, 10 Apr 2025 02:36:06 +0000
with message-id <[email protected]>
and subject line Bug#1093972: fixed in ruby3.3 3.3.7-2
has caused the Debian Bug report #1093972,
regarding ruby3.3: Please update symbols files for m68k, powerpc, ppc64, sh4
and sparc64
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1093972: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093972
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: ruby
Version: 3.3.6-1.1
Severity: normal
Hello,
ruby3.3 builds fine on m68k, powerpc, ppc64, sh4 and sparc64 except for the
outdated
symbols files which keeps it from being available on these architectures. This
is
rather unfortunate as ruby-defaults was just switched to version 3.3.
Could you please fix the symbol errors as soon as possible to make the ruby
meta package
installable on these architectures again?
Thanks,
Adrian
--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer
`. `' Physicist
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
--- End Message ---
--- Begin Message ---
Source: ruby3.3
Source-Version: 3.3.7-2
Done: Lucas Kanashiro <[email protected]>
We believe that the bug you reported is fixed in the latest version of
ruby3.3, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Lucas Kanashiro <[email protected]> (supplier of updated ruby3.3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 09 Apr 2025 15:42:58 -0300
Source: ruby3.3
Architecture: source
Version: 3.3.7-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Team
<[email protected]>
Changed-By: Lucas Kanashiro <[email protected]>
Closes: 1093972
Changes:
ruby3.3 (3.3.7-2) unstable; urgency=medium
.
* Fix CVE-2025-27221.
The URI handling methods (URI.join, URI#merge, URI#+) have an
inadvertent leakage of authentication credentials because userinfo is
retained even after changing the host.
- d/p/CVE-2025-27221_*.patch
* Fix CVE-2025-27220.
In the CGI gem, a Regular Expression Denial of Service (ReDoS)
vulnerability exists in the Util#escapeElement method.
- d/p/CVE-2025-27220.patch
* Fix CVE-2025-27219.
In the CGI gem, the CGI::Cookie.parse method in the CGI library contains
a potential Denial of Service (DoS) vulnerability. The method does not
impose any limit on the length of the raw cookie value it processes.
This oversight can lead to excessive resource consumption when parsing
extremely large cookies.
- d/p/CVE-2025-27219.patch
* d/libruby3.3.symbols: update symbols for multiple architectures
(Closes: #1093972). Thanks to John Paul Adrian Glaubitz!
Checksums-Sha1:
a223c72d58a65832a8313047571b4d74e1e6f353 2592 ruby3.3_3.3.7-2.dsc
537eb9477c3ae1e5361ee1d9aa03114108e9511d 14696248 ruby3.3_3.3.7.orig.tar.xz
2a1ca186779614965bc4fb22504213286fd2aa6e 65644 ruby3.3_3.3.7-2.debian.tar.xz
c8ef1252e42c1e68fb30758cd23bd0fe4cbb2c0f 5979 ruby3.3_3.3.7-2_source.buildinfo
Checksums-Sha256:
f53b3f11e43512ef39e6f8e73e596d57ef7736254338320ea474ddb0047e77e6 2592
ruby3.3_3.3.7-2.dsc
09587dad1449407eeb7d596a1848e3cc1357cc82df693e02a4e063d43d158180 14696248
ruby3.3_3.3.7.orig.tar.xz
26075c1942987878b1056898040fa3ae356f65778486844f17571b388501efcb 65644
ruby3.3_3.3.7-2.debian.tar.xz
72fb3531fe97df976b3666f78216610021532a00600100a9517b603be1ac766e 5979
ruby3.3_3.3.7-2_source.buildinfo
Files:
6bb06e7925cd04bb56d1caba09cd8226 2592 ruby optional ruby3.3_3.3.7-2.dsc
2aec84d0e80ce08172bb9d7c74321908 14696248 ruby optional
ruby3.3_3.3.7.orig.tar.xz
2f7dc68b94ac6b72d578ddb372bcec71 65644 ruby optional
ruby3.3_3.3.7-2.debian.tar.xz
7bd7d417e077474b5801e9142352e2fb 5979 ruby optional
ruby3.3_3.3.7-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJJBAEBCgAzFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAmf3IJgVHGthbmFzaGly
b0BkZWJpYW4ub3JnAAoJEPgjonKYg8l8oyAP/iJNB5VJh9ZwwRFa/WhPxyVYE7LO
uqt4/JK9kli11/OEo+9A3rmsD1suCwgfrh0cskyyTLiyFOb8wRNgiGCF/XnapRYh
mTQHsvhIipjP29EGmv73dTNz0x3z2gy1bdOvWpFCXt1jR7WxncfPJB/dVIllElxf
VNyg3fMhbUGLWKQbsk2RbF0F3Q50M9K6rfVjaNF1K73uSB4urxQBBXxf7AhH8XjJ
r7vZHsxyw8xCawo7ERiUSEfDtQs/tAdMb+HW0N56sBjkriOF+Ohj30wFOOPoIbgq
ROiAt0qbfZtqnlBA9gvtk3uNL1DokBl6OAf0vhpSmWsChaQRS8w5pif52drkLO+f
EWMIW6D84I5WXv5TEmnnc54MBeEXdZTjlM+T9KtPCrVXzVag4rg6ZV1fhMTNJ96T
QYXHzg8fC+moD8/Qrj+AC630kmoK5w/cIS2ZDJ+RUn8+PeHxdKPk/GBJIMRUEzEV
WT2acacPzCpheoXNd5l9A0se/guaNsfZqd48B3zo+jw8J484Qe5GIDv7qCYm9QZ+
sJlmy4Gg06v9tx8cC5attJ5cc03ubc5gTsqaANfrEtotlAHf5yg4exgwGO2ZWkfF
XRhr0nCE7get0WueAM+nNBRyXQZ4Mqp7fPxHFzFPpcCMtFMvQawcCoPTFg1T1VSE
uV8VK0xHRVBvX0ed
=4RB8
-----END PGP SIGNATURE-----
pgpaDmJI5BLmv.pgp
Description: PGP signature
--- End Message ---
_______________________________________________
Pkg-ruby-extras-maintainers mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
