[ubuntu/mantic-proposed] ruby-redcloth 4.3.2-4ubuntu1 (Accepted)

Evan Caville evan.caville at canonical.com
Wed Sep 13 01:43:15 UTC 2023 

ruby-redcloth (4.3.2-4ubuntu1) mantic; urgency=medium

  * SECURITY UPDATE: denial of service issue from use regular expression
    during html sanitisation
    - debian/patches/CVE-2023-31606.patch: regular expression updated to use
      possessive quantifier.
    - CVE-2023-31606

Date: Mon, 11 Sep 2023 12:19:23 +1000
Changed-By: Evan Caville <evan.caville at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/ruby-redcloth/4.3.2-4ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 11 Sep 2023 12:19:23 +1000
Source: ruby-redcloth
Built-For-Profiles: noudeb
Architecture: source
Version: 4.3.2-4ubuntu1
Distribution: mantic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Evan Caville <evan.caville at canonical.com>
Changes:
 ruby-redcloth (4.3.2-4ubuntu1) mantic; urgency=medium
 .
   * SECURITY UPDATE: denial of service issue from use regular expression
     during html sanitisation
     - debian/patches/CVE-2023-31606.patch: regular expression updated to use
       possessive quantifier.
     - CVE-2023-31606
Checksums-Sha1:
 84b56cdc964bdefd3d3e0f67459cab2456fdd139 1830 ruby-redcloth_4.3.2-4ubuntu1.dsc
 2037a53d47d5e5a08aac9e3550e8fd3e9ccd9b93 7068 ruby-redcloth_4.3.2-4ubuntu1.debian.tar.xz
 e201bdf6cc4be0de763682edb7d05eaa4a05e94d 9703 ruby-redcloth_4.3.2-4ubuntu1_source.buildinfo
Checksums-Sha256:
 c3c67654bb142d6dd1862e3021e66c4f5c9d33f86ba4c1b2d26b0d41f83724fe 1830 ruby-redcloth_4.3.2-4ubuntu1.dsc
 be784a60f5b24ffc564f920563db0b9fcc4f14d5a2afa9760a711f1e2059856f 7068 ruby-redcloth_4.3.2-4ubuntu1.debian.tar.xz
 402bb89e9e2bd013b4108b8d7ee5b41b9272ee22765d27d66275dcfc1f95e9bd 9703 ruby-redcloth_4.3.2-4ubuntu1_source.buildinfo
Files:
 cf838bbc1c0ac272d8e4a077daba567b 1830 ruby optional ruby-redcloth_4.3.2-4ubuntu1.dsc
 1e0f0383fb2abd3a8236765fb1b126e3 7068 ruby optional ruby-redcloth_4.3.2-4ubuntu1.debian.tar.xz
 862b5bf83ddf1fcac961decf313bf8a3 9703 ruby optional ruby-redcloth_4.3.2-4ubuntu1_source.buildinfo
Original-Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers at lists.alioth.debian.org>

More information about the mantic-changes mailing list