-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 04 Mar 2020 23:09:16 +0100 Source: puma Architecture: source Version: 3.12.4-1 Distribution: unstable Urgency: medium Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org> Changed-By: Daniel Leidert <dleidert@debian.org> Closes: 952766 953122 Changes: puma (3.12.4-1) unstable; urgency=medium . * Team upload. * New upstream release. - Fixes CVE-2020-5247 (closes: #952766). - Fixes CVE-2020-5249 (closes: #953122). * d/control (Section): Changed to web. (Homepage): Use secure URL. (Depends): Add ${ruby:Depends}. * d/copyright (Source): Use secure URL. * d/ruby-tests.rake: Disable test/test_puma_server_ssl.rb for the moment. These tests fail due to openssl being configured to use SECLEVEL2 (https://github.com/puma/puma/issues/2147). * d/rules: Add override to install upstream changelog. * d/watch: Rename downloaded tarball to include package name. * d/patches/0008-fix-ssl-tests.patch: Remove patch. Applied upstream. * d/patches/CVE-2019-16770.patch: Ditto. * d/patches/*.patch: Refresh patches. * d/patches/series: Adjust. Checksums-Sha1: 089b7f9ba2fcfd6f0016c8df4b738c4602b2fca8 1957 puma_3.12.4-1.dsc 6740532784a8759fc0a42edc7381eb9ead324878 219148 puma_3.12.4.orig.tar.gz 7de203baa232ca3bef90bc58b47729108b026696 8300 puma_3.12.4-1.debian.tar.xz c7c06aca58758a0f6069061b6ac8a06bdaf606c0 8949 puma_3.12.4-1_amd64.buildinfo Checksums-Sha256: 2977d86d40311d1b83f244a75b9d316c6a6adaad8b551e679f6bf8125064a139 1957 puma_3.12.4-1.dsc 41c0ccb465bf0ddaaa32ada40415c2fdb5076ae0bb0037f7093efc6d49086c50 219148 puma_3.12.4.orig.tar.gz 140a008877cfbd01191ff0051a0fbceada0a14976e618d1651e941e8d588fab8 8300 puma_3.12.4-1.debian.tar.xz a12b0cc60dc4bde9544866c4fdbf2e1050fee78d917df56b8e7e6d12dfc8a7d0 8949 puma_3.12.4-1_amd64.buildinfo Files: d3ef8f66ff0849f239b786c7c401410e 1957 web optional puma_3.12.4-1.dsc 6ae3801f9368cc3153feec6d07fc3879 219148 web optional puma_3.12.4.orig.tar.gz c7e59e989fc1e0b3d638dacafbffd3f1 8300 web optional puma_3.12.4-1.debian.tar.xz f51e03b82d34eca86bfa69c6d0c78314 8949 web optional puma_3.12.4-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEvu1N7VVEpMA+KD3HS80FZ8KW0F0FAl5gR6AACgkQS80FZ8KW 0F06xhAApNf7ekbhNS159ajic8tI0KO5NbOWtqg/+pDfAySb79tLWqBovk22rAt/ g9NLuEgs6QR62oQcYzpQ6GxeADfobxJYBMM2v4MeP0szk4D9lNMGYUfChu2cBrcB dr58UiaDJLcY3vybd8DwVPYvGJjYA8uWZ6HcDgco9AElhUGLMM/f4UydvdTkf/il UgctLKgwH/UZSY9MmGMT8tJBB7CgPeEcJJdzD0vQVqYy7TcUF0aKm7PUL0LmXvKD JEe+pNRmbK+Udl5iUdqAtmWRPvOilO+cIwTZZLEe2BpO10CCwxKJblstw/RG9Sxx 4bkqdo7BLrCRDfOfVwTgSPpEBIeNDwIj15DSuBEFY6ATsZ8Tvz6mktliJt3zJ2ra O11AAtUo70Bw8SUhcuHEYgFBz/4M0NsX09VA3uv1AkaiSButzK5FZD/QD92wl9Lc X7uGnc81vsU12s9laKvxhpucAG7bwQLIhvY1nfIqXpk+SqchGrA/RT0a9j0XJet8 +XuOIVd4T3lNvSHamfug2rr87WG4x7Lt4FXOHKUUnCL87mjnFYgkj5PUqf0l9T1L 6091Y81aa6cH059I/eY0/GvG0if3cHttUTuI6EQmGwqdYGyPb4g68ubX5jIHCWle 1oiydZtK/t1hMMDME+UbQi0gymQccfn9m6oC0dLCZgP0H5QLEWY= =JdV+ -----END PGP SIGNATURE-----