Your message dated Sun, 18 Mar 2018 06:04:31 +0000 with message-id <e1exrql-000blx...@fasolo.debian.org> and subject line Bug#892865: fixed in ruby-saml 1.7.2-1 has caused the Debian Bug report #892865, regarding CVE-2017-11428 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 892865: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892865 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ruby-saml Severity: grave Tags: security https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
--- End Message ---
--- Begin Message ---Source: ruby-saml Source-Version: 1.7.2-1 We believe that the bug you reported is fixed in the latest version of ruby-saml, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 892...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Cédric Boutillier <bou...@debian.org> (supplier of updated ruby-saml package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 18 Mar 2018 05:33:29 +0100 Source: ruby-saml Binary: ruby-saml Architecture: source Version: 1.7.2-1 Distribution: unstable Urgency: medium Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org> Changed-By: Cédric Boutillier <bou...@debian.org> Description: ruby-saml - SAML toolkit for Ruby on Rails Closes: 892865 Changes: ruby-saml (1.7.2-1) unstable; urgency=medium . * Team upload . [ Praveen Arimbrathodiyil ] * remove git in gemspec . [ Cédric Boutillier ] * New upstream version 1.7.2 + Fixes CVE-2017-11428 by processing text of nodes properly, ignoring comments (Closes: #892865) * Refresh use-system-lib.patch and remove-git-in-gemspec.patch * Use salsa.debian.org in Vcs-* fields * Bump debhelper compatibility level to 11 * Bump Standards-Version to 4.1.3 (no changes needed) * Use https in watch file, copyright formal URL and homepage field Checksums-Sha1: 44e2a52dd5c68f8e56bb3d74584ed8cf06323bfc 1722 ruby-saml_1.7.2-1.dsc 81bee4258ea691a28dc100f8f6b4837221f21cec 289865 ruby-saml_1.7.2.orig.tar.gz 4d8667ce86b37bbbb7b4cc132505d41c992ea73f 9912 ruby-saml_1.7.2-1.debian.tar.xz 7e0bc8e8ae3b549eb0f5ec9616abaa50800a983f 6481 ruby-saml_1.7.2-1_source.buildinfo Checksums-Sha256: 8f406455e32858a28ee3f2090ad6efd1244c0532ecc93e6022fda5cd0d3836cd 1722 ruby-saml_1.7.2-1.dsc 080d605f60bb77cc2de8aed857a5c5fb53de40abed20e8be31621171417ede1b 289865 ruby-saml_1.7.2.orig.tar.gz af6895796d0ec2566a63d532c956f70e3ae1212eea9e536b34386fe3f0e98e6c 9912 ruby-saml_1.7.2-1.debian.tar.xz 0fd93903d392c7b61e9a2c1789acce005a7563b2bce82dc028c6a3ca1a4607b0 6481 ruby-saml_1.7.2-1_source.buildinfo Files: 13e9a01d769e35058c45b053304af2b4 1722 ruby optional ruby-saml_1.7.2-1.dsc 4dc5244f1a1ed0f2dd20947db11f076c 289865 ruby optional ruby-saml_1.7.2.orig.tar.gz 400fda88df61fd6dacf2234047860e20 9912 ruby optional ruby-saml_1.7.2-1.debian.tar.xz 41fc7ef8533ceaa9a73a3d9eb3e12985 6481 ruby optional ruby-saml_1.7.2-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEnM1rMZ2/jkCrGr0aia+CtznNIXoFAlqt/jsACgkQia+CtznN IXpfYggAlrUwWSc0xEsLPMpX7xlBH5DpoRhTMdgiGJG2E/2WnjK4ZN4RA7dNadDU 6Niwb/aR/3IyWg9sVU57LTrpfg6Ydlm6L93q3aErxbbYjMVU2baAQ1BCgEn2xXwn SmRZYbc+ejhD20nIKzHYXS1JvaJ7oM8WMUWrsbVKt76FhqqtTxUom6HKL0TwPVsy ec/bRnIMMbmtY900QxWs7h9Tf+yjREVnUYx2tUVbXgiCkbGewNPNiQ4PeA4gCPbe KOjAKbRg26tsyn18EyzIhZoxhztq7QSKfbRavEn06JTKANIxSvB45l+WLIHhWwvH F9qaDxckDxnQ8BCxcaOqOweYVD0a9g== =ZMSG -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
