-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 15 Dec 2019 17:28:25 +0100 Source: ruby2.3 Architecture: source Version: 2.3.3-1+deb9u7 Distribution: stretch-security Urgency: high Maintainer: Antonio Terceiro <terceiro@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Changes: ruby2.3 (2.3.3-1+deb9u7) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix for wrong fnmatch patttern (CVE-2019-15845) * Loop with String#scan without creating substring (CVE-2019-16201) * WEBrick: prevent response splitting and header injection (CVE-2019-16254) * lib/shell/command-processor.rb (Shell#[]): prevent unknown command (CVE-2019-16255) Checksums-Sha1: 0fc965ebb16e15dff615fc7fc493cdb06f3022e4 2658 ruby2.3_2.3.3-1+deb9u7.dsc 8414199ffa5d065490e9a138ecfe3e929af0062f 128072 ruby2.3_2.3.3-1+deb9u7.debian.tar.xz Checksums-Sha256: c64e697a8e30d6793027c7352999e29c62a72bead96cac99912aa0fc96561341 2658 ruby2.3_2.3.3-1+deb9u7.dsc 83d44deef66a4c4856672f1d6ce0bba3d2ddce46f48e98a9d57d8393bd09deef 128072 ruby2.3_2.3.3-1+deb9u7.debian.tar.xz Files: 2141cb6f0e1b53c013e8ccefa4224290 2658 ruby optional ruby2.3_2.3.3-1+deb9u7.dsc 6334f22c2d0cd8184b969593ec2d5346 128072 ruby optional ruby2.3_2.3.3-1+deb9u7.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl32Yu9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EhVsP/26wQip1/XVqIikkVQqc4l7TkOsfoPzn JxYtjVMEhC1YFsUscoru4hiV7wcJLcd7Bv2zQ2xiNE5xmPcqeELKTbCnMqdIb6w0 nA5sN9kPTcLc9WVo5YVRY7pU8GWCV/t+vUAavWdrxAMMbkTbagQqPtuxNvgJdCpG JCbamV1ggfkVptjOkKSBMbAHl/GTvkLa9TK5JE6UZEPxncP/M7UPSiRupMM1OgdO M5+L9VbPP0JHVDwd0Rs6zHV2YqD9jrqLwAGSC5dwTh2txIiCrVUE1fZiylG7SRst Ffqf+hE6UbBVD6wHa5Z0qZEng1M5ZIIsgqWTOkdQIf94GUkGSNyYBlb6SEp8mCDk P1KAg4BD4IQZN70gce5HwW0vKr+Zjc74hmMdbkIdIjjQSzLGDWBd12GtB31Y+W0b XKVnzK4XM4K/UJ8mdgpehFaImDRXwGO8Lzbn+tv7CYeoOOg+Kzfl9A+Rdc2DriLt 2hFyyLXd5ibQMq6CqwDELM76Yuc5hvhfIUW/kZO7cStwhQtIjWIv6SzZpWBGAuYM lJqNqpjZdp0168SWFvhrm+/PPQu4VG1AG8hJT3pcQNcnx0RkT1h6U8VdTOeF0TaX 6PtqOTFh/lAM7znxN8uln91f+o+74yRXZ9SAYXvWexe3fn1aHB4S9EAW6ZxCHDHg WNEBj53jo8Lx =bZxl -----END PGP SIGNATURE-----