-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 01 Aug 2020 23:02:06 +0530 Source: ruby-zip Binary: ruby-zip Architecture: source amd64 Version: 1.2.0-1.1+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org> Changed-By: Utkarsh Gupta <utkarsh@debian.org> Description: ruby-zip - Ruby module for reading and writing zip files Closes: 902720 Changes: ruby-zip (1.2.0-1.1+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2018-1000544: rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability that can be exploited to write arbitrary files to the filesystem. (Closes: #902720) Checksums-Sha1: e7c7c5af3470163e7923bf022cdc3e15d92b0d99 2106 ruby-zip_1.2.0-1.1+deb9u1.dsc 6f6493e60ee66c038d1ecc94ca426a7f1a71e622 150545 ruby-zip_1.2.0.orig.tar.gz 9487daabfd86cdf42addeb1e5a05a13d48833632 6512 ruby-zip_1.2.0-1.1+deb9u1.debian.tar.xz 3ac9f59ca2ae61fba197301811be823407f91fc6 7131 ruby-zip_1.2.0-1.1+deb9u1_amd64.buildinfo 2dc4ac3bfba9de553579e46e622e10d832b420f9 40668 ruby-zip_1.2.0-1.1+deb9u1_amd64.deb Checksums-Sha256: 69dc6a8b652fdadc175bf4f34b9c9b08dd1e3a43897d62f62842767c5e757966 2106 ruby-zip_1.2.0-1.1+deb9u1.dsc d5277faab3c20bd6ca2a987d5ed57ceb406e3aca1d1b125f6979839b73d55ec0 150545 ruby-zip_1.2.0.orig.tar.gz fbfa456d1b8fa2f857fe0df6926cd6055304fdcef23ac6d22dd7717d2aa7a526 6512 ruby-zip_1.2.0-1.1+deb9u1.debian.tar.xz 03cf3fa88625340b8f5d86f8c272925d12ea43f28a40c2ac8a43bf5f951d9832 7131 ruby-zip_1.2.0-1.1+deb9u1_amd64.buildinfo 508b59bbb763f502289d89a797f4c5df99c9a276b504436b3c51d9cbe9fb541b 40668 ruby-zip_1.2.0-1.1+deb9u1_amd64.deb Files: 79bca30b55e425d20159d88033403136 2106 ruby optional ruby-zip_1.2.0-1.1+deb9u1.dsc 0f69403fa8fc083a20cfd213c24a646b 150545 ruby optional ruby-zip_1.2.0.orig.tar.gz 4f93c685177f936e7b8b8b88e50428af 6512 ruby optional ruby-zip_1.2.0-1.1+deb9u1.debian.tar.xz 5d96c701f136f7a308b80fcaa94ee22e 7131 ruby optional ruby-zip_1.2.0-1.1+deb9u1_amd64.buildinfo 2b0faf7cbf6e39b460711012becbe1ad 40668 ruby optional ruby-zip_1.2.0-1.1+deb9u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl8lq7YTHHV0a2Fyc2hA ZGViaWFuLm9yZwAKCRCCPpZ2BsNLljWIEACrIuNkW33jJ0u+t0vNUfjQGqdJp3CX FRE1z0UFBHn+9BW4oDZYtTqob84jmXuEknpXb+Eoai1S6/7AQihDXdInyzRcKoM3 2o3KryclxXqY8X/gO3tG12NmrJ7cLHYmAgYByH2Xl1v87+fydEGVCBoMWfEjHJ2Q 5jH8QmVT/BE8jTFsZp9OYYVmfu/JUXq0p0gzm/nD3XI0VIlA+G9KSbzFQ3dfw8tG CPmQOU3wZCUMaFges3p6TF9ZQaijdUA7gp3T6wsxJihboVDdOR/ZAH9sEKxgorq5 dwOu9d/qspzjYy/C7SV71LXdeX058b4eW92KydPEaelNyH1sxoBcpzEhhMksMsHB iAQGCvBxE/pYeZrYIHFdmugXYB/jz1h+EG4vjAwQn346xUJWWNP3lPfQaoMqSiAw B62aIktOyzO+onkV795lxYvxzAiQSvXykAXUW/mq2IZNDkBePPSgi8wSuNm5Bl6o 5pzRbI/8SiAje8rks+tAgTu9usidAHbCFrcd9l2i1CZqKm4QOJ15pWBMYK9QzmOf s5V5PvxHbF0OyadNKkMr65j8b2IsXx+FBI8QLPzXYqwBK8HhZpKnZIuDxxVs27Td 7u0ocnL/douVG9/Kp3x0O/ao7hmV0IvuGSGdgXnGHXEwnzVQg6deAxpf8wOtJGG9 eH1MSgqG3Tdm0Q== =kxfn -----END PGP SIGNATURE-----