-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 17 Mar 2019 19:40:23 +0100 Source: passenger Architecture: source Version: 5.0.30-1+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 884463 921767 Changes: passenger (5.0.30-1+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * arbitrary file read via REVISION symlink (CVE-2017-16355) (Closes: #884463) * Fix privilege escalation in the Nginx module (CVE-2018-12029) (Closes: #921767) Checksums-Sha1: 4f4863eaa709a99e637a7d0c4ca79d9e813579d9 2756 passenger_5.0.30-1+deb9u1.dsc 2b966cb070fe667d02d17fda58a37fee34f3300c 5588130 passenger_5.0.30.orig.tar.gz ce76c486a78f2feef2f9d4d77565e6d50a641fb1 17596 passenger_5.0.30-1+deb9u1.debian.tar.xz 4dbf2c9283c2e1fd5637e607954075416e2d7d53 7084 passenger_5.0.30-1+deb9u1_source.buildinfo Checksums-Sha256: 284b6afb45cc3031707cbb9d6822fc50d4143550b35426bc662fe38a2c235913 2756 passenger_5.0.30-1+deb9u1.dsc f367e0c1d808d7356c3749222194a72ea03efe61a3bf1b682bd05d47f087b4e3 5588130 passenger_5.0.30.orig.tar.gz 5390c495a44bcaaf375ccc1d39b7c88aa27ed314b6b1aa0c4ef1295803aaa9be 17596 passenger_5.0.30-1+deb9u1.debian.tar.xz 0150bcc13e39059823a3457777c7845e8117b13507693d016a2a85c5a0d83e66 7084 passenger_5.0.30-1+deb9u1_source.buildinfo Files: 95c1fd6d274790b06f61206417681b65 2756 ruby optional passenger_5.0.30-1+deb9u1.dsc 7ed9ebc8996368176789d92c1805fd1e 5588130 ruby optional passenger_5.0.30.orig.tar.gz d5233a964a592e8648b563d491506ca5 17596 ruby optional passenger_5.0.30-1+deb9u1.debian.tar.xz b2322c0a958578e14fb743e0442c1b14 7084 ruby optional passenger_5.0.30-1+deb9u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlyOlSRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EUw4P/iu2CVXgLtDgHr8Esg9YIbRgBAB5V0vu g9m6CGmpUsKGc06s9QdiQaPtP+Ux9LLXeHsvcn58JXZF8f+U4y692zzKRUcUCgIr SJs8yKQQNLqZDZv+98E7AQr9I7C9NaijyqTI4x/WYjPUZoOQIozR/WpwVficKQyV ztAorQ4ijwq9C5OlQAbexRtynpeTTup3IbqbMCmovmIddXw4ciXfV7pF9egRgWpM ioMzcB74cyjIEdblg5Fr04+DLKKXZUDSPrrNJvSq8v4mUIDse8lrugN+4OKyu0KT 1byA+dlyAxmmpEj6ZmMojGMNoGlt/l9ku9p8yGq4IPVr+RTHIUmBOtj79hsL90C6 GJQCk96Ebbi7AhOXuhXV4IqshObqsWMqBMQZVzmpYmZcFTKaBRMV9LHYqNJugJIG 2la/Dpv8saZXxEBqGlm6z7a9DDhTg6K3inXmppqzPEd2tvCuG/JwP+BNGBf4eTCz 0Zn4opr+zOAHuXBtRjXxzLP8iaMoOISaAtC1HhVC2AVM4vC6VbbGLCTWwDlgSI3Q Wj7hle5ZLJdQ0TSEithSdSs6zr2FP5nzuOvAn4lwz9a/cNKyt3O6/Ti0GBMXhjCo eUgymTJpUW0TCY8ZaTTYZyqf2Uu2q/GOKHa/ijt8801df50gxD5lDHHjH+u/5FCO aXyGyCUjm+w9 =KX3C -----END PGP SIGNATURE-----