[ubuntu/noble-proposed] puma 5.6.5-4ubuntu3 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Jan 23 18:57:10 UTC 2024 

puma (5.6.5-4ubuntu3) noble; urgency=medium

  * SECURITY UPDATE: DoS via chunked transfer encoding body parsing
    - debian/patches/CVE-2024-21647.patch: limit the size of chunk
      extensions in lib/puma/client.rb, test/test_puma_server.rb.
    - CVE-2024-21647

Date: Tue, 23 Jan 2024 12:50:14 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/puma/5.6.5-4ubuntu3
-------------- next part --------------
Format: 1.8
Date: Tue, 23 Jan 2024 12:50:14 -0500
Source: puma
Built-For-Profiles: noudeb
Architecture: source
Version: 5.6.5-4ubuntu3
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 puma (5.6.5-4ubuntu3) noble; urgency=medium
 .
   * SECURITY UPDATE: DoS via chunked transfer encoding body parsing
     - debian/patches/CVE-2024-21647.patch: limit the size of chunk
       extensions in lib/puma/client.rb, test/test_puma_server.rb.
     - CVE-2024-21647
Checksums-Sha1:
 f67e83c44e1d9dc654966faf1f4e7317ef1088ab 2230 puma_5.6.5-4ubuntu3.dsc
 53dd6f2a49421953502c269745d3e9875a0e9b1d 14696 puma_5.6.5-4ubuntu3.debian.tar.xz
 894e3ef0e412988e4ef6aee531653e2576a58a44 10089 puma_5.6.5-4ubuntu3_source.buildinfo
Checksums-Sha256:
 b42dc0cd2b5ba39c365361975761dd9373069205e7ccc1c1d135d257e738cb2d 2230 puma_5.6.5-4ubuntu3.dsc
 650f42c2be25656a878fe2be301c9b5fc0492cc19ae9116e045541bbc02b95ba 14696 puma_5.6.5-4ubuntu3.debian.tar.xz
 7b50d6ff1fc86500aeb9d29de1210eb1758d169249c6a6e24cd2607e1cc9c236 10089 puma_5.6.5-4ubuntu3_source.buildinfo
Files:
 b66c3f624bfd26176b60608a137ab989 2230 web optional puma_5.6.5-4ubuntu3.dsc
 082ccbd75ecfa99543b8c65a59f54562 14696 web optional puma_5.6.5-4ubuntu3.debian.tar.xz
 dd697637c4d1a607942e822fade6f234 10089 web optional puma_5.6.5-4ubuntu3_source.buildinfo
Original-Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers at lists.alioth.debian.org>

More information about the noble-changes mailing list