Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted ruby-redcloth 4.3.2-3+deb10u1 (source) into oldoldstable
Date: Thu, 06 Jul 2023 15:20:23 +0000
Signed by: Bastien ROUCARIÈS <rouca@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 06 Jul 2023 15:00:33 +0000
Source: ruby-redcloth
Architecture: source
Version: 4.3.2-3+deb10u1
Distribution: buster-security
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Changes:
 ruby-redcloth (4.3.2-3+deb10u1) buster-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * Fix CVE-2023-31606: Regular Expression Denial of Service (ReDoS)
     issue was discovered in the sanitize_html function of redcloth.
     This vulnerability allows attackers to cause a Denial of
     Service (DoS) via supplying a crafted payload.
Checksums-Sha1:
 3dd64a34430da4126f5e9fb5f2a0f187400729ed 2138 ruby-redcloth_4.3.2-3+deb10u1.dsc
 7c1706784c0835008c781c407af309a5065dac1b 91880 ruby-redcloth_4.3.2.orig.tar.gz
 7725f823b680edc5da44e71db1a1ce7573681108 6800 ruby-redcloth_4.3.2-3+deb10u1.debian.tar.xz
 4c49adc9d8407ba650bd05f0e3b354486a7e2050 9790 ruby-redcloth_4.3.2-3+deb10u1_amd64.buildinfo
Checksums-Sha256:
 a39cde18e7d48979d5ab6ff18de0d4c4a0f401bcd75898b09d910ec62d16d837 2138 ruby-redcloth_4.3.2-3+deb10u1.dsc
 fbfc709ef742f962896e1cd063b8bd828bdc0ddce36755edbe493cd3231ea850 91880 ruby-redcloth_4.3.2.orig.tar.gz
 2fd77c6390d751a0eb899733c1b51beef12d85e12e18726ce33277124857f8c6 6800 ruby-redcloth_4.3.2-3+deb10u1.debian.tar.xz
 db68de98b647135e3a3668fdd6b38ca17daec7f198cc8aef584e6bf1f2e178e6 9790 ruby-redcloth_4.3.2-3+deb10u1_amd64.buildinfo
Files:
 c2314384eb6f87daea468cc891e2baae 2138 ruby optional ruby-redcloth_4.3.2-3+deb10u1.dsc
 ef305724e95b4cbdfbaa085ac2d956c1 91880 ruby optional ruby-redcloth_4.3.2.orig.tar.gz
 ddb3e5d9e3d2b15098540de82a8bc4bf 6800 ruby optional ruby-redcloth_4.3.2-3+deb10u1.debian.tar.xz
 9a390872aaddf5f473626a3facb5f497 9790 ruby optional ruby-redcloth_4.3.2-3+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmSm2LkRHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF+0CA//Q/oP4eLx+Gu0xchYf+l02/JIkEcMDwLT
zNEt1NaP26+rM/XHoApqFnl87YpnXCCNUw+qCVBTKpxtHr3aozsf2JBt6qmxj871
h1MibGWe/QmmvSsjL8Y8lAg2Jp9bP777vX6K364ziqJKAQ8rCHhiH1SNzxs3vnmu
Vwi1VzWnm2tQsq3eh5wnW2zRC9YHGlqfxt+g2JE0UqZ0pkFCJUejk2H0vzgjsQsL
L846ZHkaUIK0Wksg5W8a4tIEQs2eJNCXFZiKAUxsD57a3+ocr1n9sDHgShetwJlp
IG6wgpJquTS1L3pTLY8rywu80+TLRtsyapjv6X9fZSsNwmxH42nCYPrjQO5uDItc
2BaSTfIHcf8TQ+OvW2konV4ddHYwc5SDyeTQu+SdveGMzFUhg5wzW1YStoZHqJSh
hVS3L2f1P3Xtyl5bFSkGMk9ep47u7ThhjGcX3PyEEfqjpO06+0DrBASKOTvBwiQV
lXSYvJRxryTib1ESRixRCJMvjqh9hFPts7+ZTlcvkvE+ZKbqJagK5L20Czpr7py9
BHcKGT/U1+rVCUacnUL4LxuT5TQx+dtynYt8my2mWoh+Nr4bQ9Jmo50bTr2ARUhP
8qQ3ATaeiCyt4pVurBI8QXrvstLC0g3wvIij3vffnUrxbXYBDuku+L/lJVYue8kI
i9C2+9tEZeU=
=v4sZ
-----END PGP SIGNATURE-----

News for package ruby-redcloth