rexical (1.0.5-2+deb10u1) buster-security; urgency=high * Non-maintainer upload by the LTS Security Team. * CVE-2019-5477: command injection vulnerability allows commands to be executed in a subprocess via Ruby's `Kernel.open` method. Processes are vulnerable only if the undocumented method `Nokogiri::CSS::Tokenizer#load_file` is being called with unsafe user input as the filename. This vulnerability appears in code generated by the Rexical gem. (Closes: #940905) -- Sylvain Beucler Wed, 12 Oct 2022 15:00:36 +0200 rexical (1.0.5-2) unstable; urgency=medium * Change name of binary from rex to rexical (Closes: #788294) -- Balasankar C Sat, 18 Jul 2015 15:51:08 +0530 rexical (1.0.5-1) unstable; urgency=medium * Initial release (Closes: #785328) -- Balasankar C Thu, 14 May 2015 23:04:17 +0530