ruby1.9.1 (1.9.3.194-1ubuntu1.3) quantal-security; urgency=low
* SECURITY UPDATE: denial of service via hash collisions
- debian/patches/20121120-cve-2012-5371.diff: replace hash
implementation in common.mk, random.c, siphash.*, string.c.
- CVE-2012-5371
* SECURITY UPDATE: xss in documents generated by rdoc
- debian/patches/CVE-2013-0256.patch: fix xss in
lib/rdoc/generator/template/darkfish/js/darkfish.js.
- CVE-2013-0256
* SECURITY UPDATE: DoS and unsafe object creation via JSON
- debian/patches/CVE-2013-0269.patch: fix JSON parsing in
ext/json/lib/json/add/core.rb, ext/json/lib/json/common.rb,
ext/json/parser/parser.c, ext/json/parser/parser.rl,
test/json/test_json.rb, test/json/test_json_addition.rb,
test/json/test_json_string_matching.rb.
- CVE-2013-0269
* Patches taken from Debian 1.9.3.194-7 package.
Date: 2013-02-15 16:00:16.058516+00:00
Changed-By: Marc Deslauriers <[email protected]>
https://launchpad.net/ubuntu/quantal/+source/ruby1.9.1/1.9.3.194-1ubuntu1.3
Sorry, changesfile not available.
--
Quantal-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/quantal-changes
