Stefan, thanks for attending to this bug. Your debdiff is incomplete however because it patches debian/changelog. As for the binary package, we don't submit those in Launchpad but instead submit patches to source packages in the form of debdiffs. These are then reviewed and applied to source packages, then uploaded to be built, tested and eventually published to Ubuntu users.
Since this is an important update and in the interest of time, I am going to incorporate the initial patch you submitted (the one from Debian) to 11.10 - 12.10 (this is already fixed in 13.04). If you are interested in contributing to Ubuntu in this manner in the future, I suggest you read https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Packaging. Thanks again :) ** Also affects: ruby-activesupport-2.3 (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: ruby-activesupport-2.3 (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: ruby-activesupport-2.3 (Ubuntu Raring) Importance: Undecided Status: Triaged ** Also affects: ruby-activesupport-2.3 (Ubuntu Quantal) Importance: Undecided Status: New ** Changed in: ruby-activesupport-2.3 (Ubuntu Oneiric) Status: New => In Progress ** Changed in: ruby-activesupport-2.3 (Ubuntu Oneiric) Importance: Undecided => High ** Changed in: ruby-activesupport-2.3 (Ubuntu Precise) Status: New => In Progress ** Changed in: ruby-activesupport-2.3 (Ubuntu Precise) Importance: Undecided => High ** Changed in: ruby-activesupport-2.3 (Ubuntu Quantal) Status: New => In Progress ** Changed in: ruby-activesupport-2.3 (Ubuntu Quantal) Importance: Undecided => High ** Changed in: ruby-activesupport-2.3 (Ubuntu Raring) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1119256 Title: rails: CVE-2013-0333: Vulnerability in JSON Parser To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ruby-activesupport-2.3/+bug/1119256/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
