Format: 1.8
Date: Thu, 04 Jun 2020 11:41:38 +0530
Source: rails
Architecture: source
Version: 2:5.2.4.3+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Utkarsh Gupta <utkarsh@debian.org>
Changes:
 rails (2:5.2.4.3+dfsg-1) unstable; urgency=medium
 .
   * New upstream version 5.2.4.3+dfsg
     - Circumvention of file size limits in ActiveStorage
       (Fixes: CVE-2020-8162)
     - Possible Strong Parameters Bypass in ActionPack
       (Fixes: CVE-2020-8164)
     - Potentially unintended unmarshalling of user-provided objects in
       MemCacheStore and RedisCacheStore (Fixes: CVE-2020-8165)
     - Ability to forge per-form CSRF tokens given a global CSRF token
       (Fixes: CVE-2020-8166)
     - CSRF Vulnerability in rails-ujs (Fixes: CVE-2020-8167)
   * Set debian-branch as 5.2.3+dfsg-1
   * Drop patches as they're merged upstream
   * Refresh d/patches