[ubuntu/artful-proposed] ruby2.3 2.3.3-1ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Fri Jun 16 16:48:15 UTC 2017
ruby2.3 (2.3.3-1ubuntu1) artful; urgency=medium
* SECURITY UPDATE: SMTP command injection
- debian/patches/CVE-2015-9096.patch: don't allow bare CR or LF in
lib/net/smtp.rb, added test to test/net/smtp/test_smtp.rb.
- CVE-2015-9096
* SECURITY UPDATE: use of same initialization vector (IV)
- debian/patches/CVE-2016-7798.patch: don't set dummy key in
ext/openssl/ossl_cipher.c, added test to test/openssl/test_cipher.rb.
- CVE-2016-7798
Date: Fri, 16 Jun 2017 10:27:43 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/ruby2.3/2.3.3-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 16 Jun 2017 10:27:43 -0400
Source: ruby2.3
Binary: ruby2.3 libruby2.3 ruby2.3-dev ruby2.3-doc ruby2.3-tcltk
Architecture: source
Version: 2.3.3-1ubuntu1
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libruby2.3 - Libraries necessary to run Ruby 2.3
ruby2.3 - Interpreter of object-oriented scripting language Ruby
ruby2.3-dev - Header files for compiling extension modules for the Ruby 2.3
ruby2.3-doc - Documentation for Ruby 2.3
ruby2.3-tcltk - Ruby/Tk for Ruby 2.3
Changes:
ruby2.3 (2.3.3-1ubuntu1) artful; urgency=medium
.
* SECURITY UPDATE: SMTP command injection
- debian/patches/CVE-2015-9096.patch: don't allow bare CR or LF in
lib/net/smtp.rb, added test to test/net/smtp/test_smtp.rb.
- CVE-2015-9096
* SECURITY UPDATE: use of same initialization vector (IV)
- debian/patches/CVE-2016-7798.patch: don't set dummy key in
ext/openssl/ossl_cipher.c, added test to test/openssl/test_cipher.rb.
- CVE-2016-7798
Checksums-Sha1:
8ca5e204c60565ad99939e98104fc46f76a8fcb6 2565 ruby2.3_2.3.3-1ubuntu1.dsc
165d4dd6b62980ae3f15195420324b1660a3cb0a 96308 ruby2.3_2.3.3-1ubuntu1.debian.tar.xz
3d67d2b36de7fe5ed6f6815cb2c531445dc54872 8532 ruby2.3_2.3.3-1ubuntu1_source.buildinfo
Checksums-Sha256:
cf976096e04625d1336e35a139e378604c4632c5ec27fa6a1e4cb88c9706c7a3 2565 ruby2.3_2.3.3-1ubuntu1.dsc
e1073c7a3a3835f36e12abc169d1920c0731b0675d70b4aa04361dfd77339a3f 96308 ruby2.3_2.3.3-1ubuntu1.debian.tar.xz
bb1392e95e74ad84a9ba0faacae0ff2580ba890a25a8ba1c661961b0dd894e15 8532 ruby2.3_2.3.3-1ubuntu1_source.buildinfo
Files:
3e5d084d9eb6bfc8da2548f41f488151 2565 ruby optional ruby2.3_2.3.3-1ubuntu1.dsc
45f0c36e34a362d2be21ec7c6083a215 96308 ruby optional ruby2.3_2.3.3-1ubuntu1.debian.tar.xz
501a98b254f5f9da316bcbca5bfe8617 8532 ruby optional ruby2.3_2.3.3-1ubuntu1_source.buildinfo
Original-Maintainer: Antonio Terceiro <terceiro at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJZRAuRAAoJEGVp2FWnRL6TGgAQAI44KhltZxazKGKsVFiGHzCE
9FKCia31n/Bmr5iVBxtA3XX5LDt8XPiq5WGPfMfjOQYcnmjj5M0nVbnGZVY0b0mV
FGRQi/GZ76x8wOPlWQ1KiP0EodMejWy2ttak0D8Epd7ApOiSNGWtBA+3ox3WYlDT
7BUAgk9Zzz/Lb1gcnzzvO9AdWhRVTUIK81FTcB/Tu7Ic0+42fSzgvnBfIntxotRe
+/icklekTs6riVGG9CfbGrPGYKHnUKbOM21KOQkXzbMpLdamy7EsWVDtIb2l3+Mz
eybkNZNQcks1fC4mSKgf+i+ZdjL+OIb6VoDUGFJQ0YJZndjplHWA+vD7jXnlChUe
AFQNrtVDI1lkp5en8a+AKWUbUzaRHmA4fyJtA+8B3+6FDwem4r5B0VUfbJ2kDZ1w
QGt9OS5w8cFlnA1cgVHxnsp+6Lnn34bpgo6AxTmuvC8fb0kv3A3VSP2VuxDfFeBJ
3bdWKNh6wbgmv3/NPnv3hbVSZC6N/BrG7vFkNk0m4+4QFFg9jhnWLTuBx+fAl6Od
yEjThwDktbLHOIEwcIj/DMcHRbeOxijAKpAaeAw5ZZbGbPomNv0P/mlWNAJavrFD
HqJ0XPVa35JJgmsfHIZo0GpRl+AsM33kv7weWZNSC7BCy/jpS5G7Sk3perz64t4m
HbX8I0CeZ4EYSgPhZSA0
=Cyrz
-----END PGP SIGNATURE-----
More information about the Artful-changes
mailing list