Format: 1.8
Date: Sat, 28 Sep 2024 14:21:23 +0300
Source: ruby-loofah
Architecture: source
Version: 2.7.0+dfsg-1+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Changes:
 ruby-loofah (2.7.0+dfsg-1+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2022-23514: slow regex attribute check with crass parser
   * CVE-2022-23515: XSS with "image/svg+xml" in data URIs
   * CVE-2022-23516: Uncontrolled CDATA recursion
   * Provide scrub_uri_attribute for ruby-rails-html-sanitizer.
Checksums-Sha1:
 40fd59320290acc1cc1755b3f090331465814387 2242 ruby-loofah_2.7.0+dfsg-1+deb11u1.dsc
 9b640033c040c3a28dccf729276e3ec20c55fd41 23012 ruby-loofah_2.7.0+dfsg.orig.tar.xz
 0fb9bbcba69d535892963229bfb3bb0487306a57 6264 ruby-loofah_2.7.0+dfsg-1+deb11u1.debian.tar.xz
Checksums-Sha256:
 1dc712b1abab940e5b5ae959f1f69a7dbd52ef726290f41a360cd29c44fffc73 2242 ruby-loofah_2.7.0+dfsg-1+deb11u1.dsc
 ab46f086b5b1786abe3f511db37a46bec836cf33cebd2b6f9c4baf7cad6910c0 23012 ruby-loofah_2.7.0+dfsg.orig.tar.xz
 762da3a7d2c9094bd10a6105172b747536908480134c1ea592ffc6211661494d 6264 ruby-loofah_2.7.0+dfsg-1+deb11u1.debian.tar.xz
Files:
 887ce4cd853df744b6aaf39e4d9be07b 2242 ruby optional ruby-loofah_2.7.0+dfsg-1+deb11u1.dsc
 851d1b9bd41c9c900cd1014a795760a6 23012 ruby optional ruby-loofah_2.7.0+dfsg.orig.tar.xz
 472df9500970d9f22d8e63de3288551f 6264 ruby optional ruby-loofah_2.7.0+dfsg-1+deb11u1.debian.tar.xz