Format: 1.8
Date: Tue, 04 Feb 2020 17:25:44 +1100
Source: ruby-rack-cors
Binary: ruby-rack-cors
Architecture: source all
Version: 0.2.9-1+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Brian May <bam@debian.org>
Description:
 ruby-rack-cors - enable Cross-Origin Resource Sharing in Rack apps
Changes:
 ruby-rack-cors (0.2.9-1+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2019-18978: This package allowed ../ directory traversal to
     access private resources because resource matching did not ensure that
     pathnames were in a canonical format.