Accepted:
ruby-actionpack-3.2_3.2.6-4.debian.tar.gz
to main/r/ruby-actionpack-3.2/ruby-actionpack-3.2_3.2.6-4.debian.tar.gz
ruby-actionpack-3.2_3.2.6-4.dsc
to main/r/ruby-actionpack-3.2/ruby-actionpack-3.2_3.2.6-4.dsc
ruby-actionpack-3.2_3.2.6-4_all.deb
to main/r/ruby-actionpack-3.2/ruby-actionpack-3.2_3.2.6-4_all.deb
Changes:
ruby-actionpack-3.2 (3.2.6-4) unstable; urgency=high
.
* Add patches for security problems (Closes: #684454):
+ CVE-2012-3463 - Ruby on Rails Potential XSS Vulnerability in select_tag
prompt
+ CVE-2012-3465 - XSS Vulnerability in strip_tags
+ Both patches were edited from their original versions in two ways:
- the leading a/ and b/ from the filenames were stripped
- changes over test files were removed, since the Debian package
contains no test files.
Override entries for your package:
ruby-actionpack-3.2_3.2.6-4.dsc - source ruby
ruby-actionpack-3.2_3.2.6-4_all.deb - optional ruby
Announcing to [email protected]
Closing bugs: 684454
Thank you for your contribution to Debian.
_______________________________________________
Pkg-ruby-extras-maintainers mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
