[ubuntu/raring-proposed] ruby1.9.1 1.9.3.194-8.1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Mar 25 18:55:14 UTC 2013 

ruby1.9.1 (1.9.3.194-8.1ubuntu1) raring; urgency=low

  * Merge from Debian testing. Remaining changes:
    - debian/control: Add ca-certificates to libruby1.9.1 depends so that
      rubygems can perform certificate verification
    - debian/rules: Don't install SSL certificates from upstream sources
    - debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
      /etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
    - debian/patches/CVE-2012-4522.patch: Adjust patch to fix build test
      error. Use the version of the fix from upstream's 1.9.3 tree to fix
      the NoMethodError for assert_file_not, which doesn't exist in 1.9.3.
      Adjust the Origin patch tag accordingly.

ruby1.9.1 (1.9.3.194-8.1) unstable; urgency=high

  * Non-maintainer upload.
  * Add CVE-2013-1821.patch patch.
    CVE-2013-1821: Fix entity expansion DoS vulnerability in REXML. When
    reading text nodes from an XML document, the REXML parser could be
    coerced into allocating extremely large string objects which could
    consume all available memory on the system. (Closes: #702525)

ruby1.9.1 (1.9.3.194-8) unstable; urgency=low

  * ruby1.9.1: add Breaks: apt-listbugs (<< 0.1.6) to avoid breaking the
    squeeze->wheezy upgrades (Closes: #701466).

Date: Mon, 25 Mar 2013 10:33:34 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/raring/+source/ruby1.9.1/1.9.3.194-8.1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 25 Mar 2013 10:33:34 -0400
Source: ruby1.9.1
Binary: ruby1.9.1 libruby1.9.1 libruby1.9.1-dbg ruby1.9.1-dev libtcltk-ruby1.9.1 ruby1.9.1-examples ri1.9.1 ruby1.9.1-full ruby1.9.3
Architecture: source
Version: 1.9.3.194-8.1ubuntu1
Distribution: raring
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libruby1.9.1 - Libraries necessary to run Ruby 1.9.1
 libruby1.9.1-dbg - Debugging symbols for Ruby 1.9.1
 libtcltk-ruby1.9.1 - Tcl/Tk interface for Ruby 1.9.1
 ri1.9.1    - Ruby Interactive reference (for Ruby 1.9.1)
 ruby1.9.1  - Interpreter of object-oriented scripting language Ruby
 ruby1.9.1-dev - Header files for compiling extension modules for the Ruby 1.9.1
 ruby1.9.1-examples - Examples for Ruby 1.9
 ruby1.9.1-full - Ruby 1.9.1 full installation
 ruby1.9.3  - Interpreter of object-oriented scripting language Ruby, version 1
Closes: 701466 702525
Changes: 
 ruby1.9.1 (1.9.3.194-8.1ubuntu1) raring; urgency=low
 .
   * Merge from Debian testing. Remaining changes:
     - debian/control: Add ca-certificates to libruby1.9.1 depends so that
       rubygems can perform certificate verification
     - debian/rules: Don't install SSL certificates from upstream sources
     - debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
       /etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
     - debian/patches/CVE-2012-4522.patch: Adjust patch to fix build test
       error. Use the version of the fix from upstream's 1.9.3 tree to fix
       the NoMethodError for assert_file_not, which doesn't exist in 1.9.3.
       Adjust the Origin patch tag accordingly.
 .
 ruby1.9.1 (1.9.3.194-8.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Add CVE-2013-1821.patch patch.
     CVE-2013-1821: Fix entity expansion DoS vulnerability in REXML. When
     reading text nodes from an XML document, the REXML parser could be
     coerced into allocating extremely large string objects which could
     consume all available memory on the system. (Closes: #702525)
 .
 ruby1.9.1 (1.9.3.194-8) unstable; urgency=low
 .
   * ruby1.9.1: add Breaks: apt-listbugs (<< 0.1.6) to avoid breaking the
     squeeze->wheezy upgrades (Closes: #701466).
Checksums-Sha1: 
 0c7f235257fa6916909f154b5641bc9c05f9fc67 2749 ruby1.9.1_1.9.3.194-8.1ubuntu1.dsc
 31cf6bd981e4c929e5dc3bbdb341833eab1bd9f2 12432239 ruby1.9.1_1.9.3.194.orig.tar.gz
 3e9b8fd3b7ecb17686821b7305344720a853855a 64484 ruby1.9.1_1.9.3.194-8.1ubuntu1.debian.tar.gz
Checksums-Sha256: 
 496cb4b4053383cbc0e10ff77f9e19f1353bf58add5223904043b391fa20a720 2749 ruby1.9.1_1.9.3.194-8.1ubuntu1.dsc
 46e2fa80be7efed51bd9cdc529d1fe22ebc7567ee0f91db4ab855438cf4bd8bb 12432239 ruby1.9.1_1.9.3.194.orig.tar.gz
 87cb7c154388fbf1e68b49d4c10a2b3ec03e56da6ea1ef060297ee1a55655d9f 64484 ruby1.9.1_1.9.3.194-8.1ubuntu1.debian.tar.gz
Files: 
 713df0b34a302f46bced4c37cf496b7d 2749 ruby optional ruby1.9.1_1.9.3.194-8.1ubuntu1.dsc
 bc0c715c69da4d1d8bd57069c19f6c0e 12432239 ruby optional ruby1.9.1_1.9.3.194.orig.tar.gz
 b8a3dfe3fcb1c9fcc1b59e5ebf9a6fc4 64484 ruby optional ruby1.9.1_1.9.3.194-8.1ubuntu1.debian.tar.gz
Original-Maintainer: akira yamada <akira at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJRUJnCAAoJEGVp2FWnRL6ThXoQAJkm3PA7KkZK0Tpjc4FNitSR
KpYcftXmmTTxD6Vi6CN0Gjs1s8XHqAH1aBROsrdpgeSXMT8osTk6dsh3td0dnKiZ
U/hI6sq9qdEiAlPmy66AGR5TU+AWRrR4+ZhDIZpasIJoiwv30nyEDWIQPfJt1l67
qVBCV1IexV48NjABO6oQqt1fCxecNCkxA8GXFMnNtrGTy48YlfBWUzo/twKr+q7E
mpUJWnhJlUgk1cNCPa6aMOAi28kUbdvhqRdHAlEZO0ApqhxxibRM5Hr257Aaap1m
W1zsy68iotDw0yItZOuj2S6SuvzZKW0hcL0tZcr4ifXQS71WUjGRQjSS09vWxvkF
4x7TTyDMvajoaAD9A7a88ZZyFQ1ybNWkyYX3IfrWJJELJ314rAX8vwo2OaUYd02o
VrWoIva0QUjUrYrwPLS7KsJsvKlHAQ7cD7mQM0XWVHQdTyLb3kC6OOQbjEYhDvkW
oEiQMlhdtt8ON8kcnzkkPGSmqDT5/5LbE73UiIsMDSYObpRTQv1FlOmb3+nZlZme
/O/z+M8BCJMMiKdh62deLPdQYu9nstOaWgRQzO7ShUCcStiJ1COAEY10Rp63M32F
UgvYoPs7TBMMemwAz2Cp3j02qIE/EJMXOZLSlokZsB1o2q0/IadNonkk7PRM50Uc
zDBnp/bvUWyh5DB0kyzj
=YMtl
-----END PGP SIGNATURE-----

More information about the Raring-changes mailing list