Package: libextlib-ruby Version: 0.9.13-2 Severity: grave Tags: security
Dan Kubb, upstream maintainer of the extlib RubyGem recently updated it to resolve security issues reported in CVE-2013-0156. The patches are are available from the extlib Git repository on GitHub to remove symbol and yaml coercion, respectively: https://github.com/datamapper/extlib/commit/4540e7102b803624cc2eade4bb8aaaa 934fc31c5 https://github.com/datamapper/extlib/commit/633974b2759d9b924657f3888473d5f d681538dd _______________________________________________ Pkg-ruby-extras-maintainers mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
