[ubuntu/lunar-proposed] ruby3.0 3.0.4-8ubuntu1 (Accepted)

Leonidas Da Silva Barbosa leo.barbosa at canonical.com
Tue Jan 24 16:09:16 UTC 2023 

ruby3.0 (3.0.4-8ubuntu1) lunar; urgency=medium

  * SECURITY UPDATE: HTTP response splitting
    - debian/patches/CVE-2021-33621*.patch: adds regex to lib/cgi/core.rb and
      lib/cgi/cookie.rb along with tests to check http response headers and
      cookie fields for invalid characters.
    - debian/patches/fix_tzdata-2022.patch: fix for tzdata-2022g tests
      in test/ruby/test_time_tz.rb.
    - CVE-2021-33621

Date: Wed, 18 Jan 2023 11:55:54 -0300
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/ruby3.0/3.0.4-8ubuntu1
-------------- next part --------------
Format: 1.8
Date: Wed, 18 Jan 2023 11:55:54 -0300
Source: ruby3.0
Built-For-Profiles: noudeb
Architecture: source
Version: 3.0.4-8ubuntu1
Distribution: lunar
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa at canonical.com>
Changes:
 ruby3.0 (3.0.4-8ubuntu1) lunar; urgency=medium
 .
   * SECURITY UPDATE: HTTP response splitting
     - debian/patches/CVE-2021-33621*.patch: adds regex to lib/cgi/core.rb and
       lib/cgi/cookie.rb along with tests to check http response headers and
       cookie fields for invalid characters.
     - debian/patches/fix_tzdata-2022.patch: fix for tzdata-2022g tests
       in test/ruby/test_time_tz.rb.
     - CVE-2021-33621
Checksums-Sha1:
 ffcbec5b6bbe063c6d080a621340f2a3634399ac 2616 ruby3.0_3.0.4-8ubuntu1.dsc
 d423aac9bdb0529577f0cc5cf5629531073ee965 165768 ruby3.0_3.0.4-8ubuntu1.debian.tar.xz
 016ebb46a2886bcbab0e651df167a7ccda65c334 7365 ruby3.0_3.0.4-8ubuntu1_source.buildinfo
Checksums-Sha256:
 4e2e3f7b2476c4d283287cdfd0a502ab886a67b2e991cc54ade2d2b491c19a33 2616 ruby3.0_3.0.4-8ubuntu1.dsc
 9d6e2f8169a9355b1f7a80ac7d2ab0e00d58b376e95720824471aeff9683878f 165768 ruby3.0_3.0.4-8ubuntu1.debian.tar.xz
 72a9b486ed93a98524ba7b219fad9167c52f936fa491ba7d443dd2ed43896d75 7365 ruby3.0_3.0.4-8ubuntu1_source.buildinfo
Files:
 c3eb86a94deb021c934f9757a6739e23 2616 ruby optional ruby3.0_3.0.4-8ubuntu1.dsc
 ebef8e5ee46273f2879585cd6e4a7150 165768 ruby optional ruby3.0_3.0.4-8ubuntu1.debian.tar.xz
 ac257fa1e3b85a038b72998ef512d664 7365 ruby optional ruby3.0_3.0.4-8ubuntu1_source.buildinfo
Original-Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers at lists.alioth.debian.org>

More information about the lunar-changes mailing list