Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted ruby-git 1.7.0-1+deb11u1 (source) into oldoldstable-security
Date: Sun, 14 Dec 2025 13:30:23 +0000
Signed by: Utkarsh Gupta <utkarsh@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 08 Dec 2025 12:41:58 +0530
Source: ruby-git
Built-For-Profiles: noudeb
Architecture: source
Version: 1.7.0-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Utkarsh Gupta <utkarsh@debian.org>
Closes: 1009926
Changes:
 ruby-git (1.7.0-1+deb11u1) bullseye-security; urgency=high
 .
    * Non-maintainer upload by the LTS team.
    * Add patch to address command line injection in Git::Lib#fetch.
      (Fixes: CVE-2022-25648) (Closes: #1009926)
    * Add patch to properly unescape diff paths and in ls-files do not unescape
      file paths with eval. (Fixes: CVE-2022-46648, CVE-2022-47318)
Checksums-Sha1:
 c8c018efb614f074f833cafc4b6d24ad6eaa98df 2121 ruby-git_1.7.0-1+deb11u1.dsc
 05939577af00bd543ec99bc69b2088a231c2265b 142017 ruby-git_1.7.0.orig.tar.gz
 2c1ab38feb11d972dd295c5a03e4c58651068697 7064 ruby-git_1.7.0-1+deb11u1.debian.tar.xz
 fc87e12a112ce76b5bf82301c7467d5903886aab 16087 ruby-git_1.7.0-1+deb11u1_source.buildinfo
Checksums-Sha256:
 a5fd97eb30d6bd8f97d3496351ac08c315ec350ca60d1faa1a057f6f67f8dfcc 2121 ruby-git_1.7.0-1+deb11u1.dsc
 c44019e1b314f39b392d2e61ddabbc9e7d311ec5f3276bd02f69e4d0e4133f27 142017 ruby-git_1.7.0.orig.tar.gz
 5fd78fd571b6308bea7eba3e025171a49d8ffbecb8ae341d4a61d808647f6193 7064 ruby-git_1.7.0-1+deb11u1.debian.tar.xz
 0958008091d0dc2f2d788a6a8f44bc26a3772599ca1bccc4660207e6bcf4b7cb 16087 ruby-git_1.7.0-1+deb11u1_source.buildinfo
Files:
 0debfa8ab97dc776f8625579b5e44652 2121 ruby optional ruby-git_1.7.0-1+deb11u1.dsc
 4fe68651efb87dee52b7db144d16c47d 142017 ruby optional ruby-git_1.7.0.orig.tar.gz
 82485023d92ec698b031d30c31f24d85 7064 ruby optional ruby-git_1.7.0-1+deb11u1.debian.tar.xz
 431b2bc08327d205c0904f9d84f00687 16087 ruby optional ruby-git_1.7.0-1+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCgAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmk+uN0THHV0a2Fyc2hA
ZGViaWFuLm9yZwAKCRCCPpZ2BsNLlhIfD/sGpYg8qXCHojYPZNquElmPmp4X7Mxb
7RKOruBtRz7ooTwOtKjYW2EF64OqnWSCASju4ZpJNjvQvaybtuAxHDIAaPNoyiuy
fKcHzTe5bw1nTI6CAedothWfB7pJ4453an+LwMRIAe577C6y9miwRp8oWVGwxNSD
3cTkgwNxUqrmDlEJfjaF6mjn/f//EVBxFOvz4WioYp1eKmO2b5Sknc3yCCo1I4QT
oJr+VER8glXGlKJl+6QN3/xxTsJziqCJBuDooKTg+NZ8zyoKKOEznX33NGs3tFBn
9j7CogDAP4PCnYsvGoeeW/AoMbyVBpdhvXal1KXlbIA0RU9LFJgjLPPn9mntXLUc
JQv2Q/Zyy9uB6LQ3PP+mcW5Yledm8ue2EubhI3oomEhUjnMWoHnGbXOXinSMbVS6
W/Wr/oAIoh+DfkSWL9cMW9Vo/TJ25X8Dm5Gza58kMbQsyJMoiTgdt0ov/glHC9TV
cbK0lw78kcSmnM2DRgNmuewU9p6DfNw7NkzPsvlWQvcosc+XOI9L6EOgxLBks8Hb
3XKzDx84qzsBXo3gDJK2Pu2sIwGDTY/QRg3RgLR+68HQd83Mgqpd1RL19xtdio2R
JTBPzMtrFxOIDnXSdCIkgaWCpD72czqKV8MuV6sO1CZ8P6JdsC7jJ8LnPKC9BOjD
yzTsBtMl5r0VwA==
=+31t
-----END PGP SIGNATURE-----

News for package ruby-git