Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted ruby-rack 2.2.7-1.1 (source) into unstable
Date: Sat, 04 May 2024 21:17:14 +0000
Signed by: Adrian Bunk <bunk@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 02 May 2024 22:55:26 +0300
Source: ruby-rack
Architecture: source
Version: 2.2.7-1.1
Distribution: unstable
Urgency: high
Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Closes: 1064516
Changes:
 ruby-rack (2.2.7-1.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * CVE-2024-25126: ReDoS in Content Type header parsing
   * CVE-2024-26141: Reject Range headers which are too large
   * CVE-2024-26146: ReDoS in Accept header parsing
   * Closes: #1064516
Checksums-Sha1:
 f74ea2d462b8737d733fabf353e6c3d9797b2d84 2347 ruby-rack_2.2.7-1.1.dsc
 5f0f4c3a182eba4c4066b011623f01053c8ebc8e 279222 ruby-rack_2.2.7.orig.tar.gz
 6150b1489f5bbf7e4164c9da072976b3d3988d51 10932 ruby-rack_2.2.7-1.1.debian.tar.xz
Checksums-Sha256:
 1dd5f94772d834d6b0f24d64d4890223f7fdc6c6b1248190acaf2e7726f3779d 2347 ruby-rack_2.2.7-1.1.dsc
 e942379fba7a6aa18951973a95cc323c10af7aa7ff61207794bf6fea3ec822b4 279222 ruby-rack_2.2.7.orig.tar.gz
 0bf5154539fdedd122ec3faef1f207681503559d0af4e348c29da701e31dda71 10932 ruby-rack_2.2.7-1.1.debian.tar.xz
Files:
 d34fa63feef913c5426dfaa79cdaa82b 2347 ruby optional ruby-rack_2.2.7-1.1.dsc
 09f5512b2919ceffc5ab777aebf0c88a 279222 ruby optional ruby-rack_2.2.7.orig.tar.gz
 946e35965f30969180924c81317cb52f 10932 ruby optional ruby-rack_2.2.7-1.1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmYz8XMACgkQiNJCh6LY
mLFy/Q/+OEpOrUfoSpwiFtXW6q5qSRCeRMCFTn40LGI3Qtfn5r8Yrj9/cMh7XTIE
OBXyEItK6BO5InugVO8qBe89dC77aql4L5AcGcZYpOBySGjWd7+WBY7HLqWjjDN5
d3jVq/kYQnpgahh0NkN9wu6Pe+e5J9/OSXW2XRAuAfEi8hMcpJSMnKlUp79GTNVE
ht92LRprlftq4tkCMeB47gTQF16fTZHTsaN02rdN5yoTiGyw3IGto6+flMztzq5e
EDaK3AnMwYgkzmlKT/xSz6zKCNi9N51kuyOpcUHFvQ5WieLoHvQ9TOjrU5W4Gq8y
2oWTZmVbwn0r+SbKtzsUWGT2bB4Omun618yvqDcwMuLe+L7oHjdIdGDsWIVeT/o1
7p1OYoGjhfZbje6YG5ckb3CPaaeGbxDhy/Zo/Is82buU+kFG0nOPunYUpyyfXMk7
n6fqBt2Fup/iPA9JFL6J+Fu2TpC3UpA+Kr/2pEqFnxIdB2YhNNmY44qTdpfu6pKP
sK0xoTlAM+H0ZpKqkybAG737+06b3PrC7kpWEcnPNCXUs5vqoGM1R3AyBpcJvpCT
nVbU3G3yHX6dIIBuBZr7muR47UGio+WpWcN2/rt4uWC1eGqTVcUaVq67uBMoO9mF
slULPmr8fsVeUqtafo34S56rVLtTrar3kzZxAFIvvAcKB6iJoQs=
=beJv
-----END PGP SIGNATURE-----

News for package ruby-rack