-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 15 May 2021 16:05:45 +0530 Source: rails Architecture: source Version: 2:6.0.3.7+dfsg-1 Distribution: unstable Urgency: high Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org> Changed-By: Utkarsh Gupta <utkarsh@debian.org> Closes: 988214 Changes: rails (2:6.0.3.7+dfsg-1) unstable; urgency=high . * Upload to unstable directly. * New upstream version 6.0.3.7+dfsg. (Closes: #988214) - Prevent slow regex when parsing host authorization header. (Fixed: CVE-2021-22904) - Prevent catastrophic backtracking during mime parsing. (Fixes: CVE-2021-22902) - Prevent string polymorphic route arguments. (Fixes: CVE-2021-22885) Checksums-Sha1: edb93d233eb36940900d1c5df718def0a259345d 4841 rails_6.0.3.7+dfsg-1.dsc c93bf6d051c280503aea30877f686f20c5118483 13967752 rails_6.0.3.7+dfsg.orig.tar.xz fb9ff2f2682104fdb7133bb27c6f6970ee10a624 98020 rails_6.0.3.7+dfsg-1.debian.tar.xz eb7063efdba6e7159798854fcb358f4db693f01e 34312 rails_6.0.3.7+dfsg-1_amd64.buildinfo Checksums-Sha256: b35361415eff1467a176cf864d94c74dbd33caa89703a9ae6bb1147c375cfacb 4841 rails_6.0.3.7+dfsg-1.dsc f1adfb152227b0b840a85f3c326db91191149021adb2c5afbed99c6d32a94582 13967752 rails_6.0.3.7+dfsg.orig.tar.xz 8b60bfe7a8f3b767b4a81b63f0f139e7c1652c32b9e02e5be395b2bf775e1312 98020 rails_6.0.3.7+dfsg-1.debian.tar.xz d4de1b95372e160a0d33b4e99e43147ae654e7a194e2a3e5c5f0b5ff27ff4c02 34312 rails_6.0.3.7+dfsg-1_amd64.buildinfo Files: 6df793d6c3bd3d27d559c929619b4af5 4841 ruby optional rails_6.0.3.7+dfsg-1.dsc 9a2058e157560ede7b3a206d6f521d84 13967752 ruby optional rails_6.0.3.7+dfsg.orig.tar.xz 0d72459d196a4be55592a9cc46255559 98020 ruby optional rails_6.0.3.7+dfsg-1.debian.tar.xz a090d9db499272fd768866b1d0752de4 34312 ruby optional rails_6.0.3.7+dfsg-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmCfp0ETHHV0a2Fyc2hA ZGViaWFuLm9yZwAKCRCCPpZ2BsNLlqakD/40KhfE97OMLEUlvHxQ/TSidvleoLNU gxhyouxTj+cYcphScsbjBCa626ooRdIPQd0HY0t7z5QqDOcocsQILDaVwnsqGUDO CMBfxGAlED2fYcjJAtk1cUbIB/7vqwsJGRJUhsynnRimuGsEGzyrPm18+gK36ZdJ tWu5NFSy1+g4//ylIcW8P4DD2nY5gFeddMwoJ+myQfZENcXKQ+l1toDaA7EGZTal abA0dNkgdY0SrVRUkRORzTJaOSBrK1SrH1B+h5EZ5CIv+PDMQdnzlkUrRhEUk19L bKi0ksUDClfx/xc5nJR0btwf/ZGSJMXD72oUJOoAhklu4i7A94J7avPxg5876wBg 0pR7BJXZn9RL9aanJFN2Ie0uSXQguSDfnOabY2Vi4ZVgkJcFaP9k9e3o0G+LfE0g DoNZht35LuduiwT2E0gnCUuNqjVmeIa6Y29AetWKMjlQ7KPOrjtUq0lAXV9w0zIj 72qcORBIKiZ4WnqEhW/i6JALXPqyVID9oyhEPUWqK7/RxwuP52/j2ciUBbxy4BqK KhQCDjsh7/uStATNlkoxZz/pCPt4/SxOvg9PiWsI8/yfXpRJiXYfx4etASP0MA1d zespmxGzl11X7QvN0UhZpp6jA8cT19XshS/8n3R9VM34jgeNYKXi95bZrmEFQOrb sJEoO0B1/lZoFg== =ItQZ -----END PGP SIGNATURE-----
