-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 12 Mar 2013 08:34:11 +0100 Source: ruby1.8 Binary: ruby1.8 libruby1.8 libruby1.8-dbg ruby1.8-dev libtcltk-ruby1.8 ruby1.8-examples ri1.8 ruby1.8-full Architecture: source all amd64 Version: 1.8.7.358-7 Distribution: unstable Urgency: high Maintainer: akira yamada <akira@debian.org> Changed-By: Lucas Nussbaum <lucas@debian.org> Description: libruby1.8 - Libraries necessary to run Ruby 1.8 libruby1.8-dbg - Debugging symbols for Ruby 1.8 libtcltk-ruby1.8 - Tcl/Tk interface for Ruby 1.8 ri1.8 - Ruby Interactive reference (for Ruby 1.8) ruby1.8 - Interpreter of object-oriented scripting language Ruby 1.8 ruby1.8-dev - Header files for compiling extension modules for the Ruby 1.8 ruby1.8-examples - Examples for Ruby 1.8 ruby1.8-full - Ruby 1.8 full installation Closes: 702526 Changes: ruby1.8 (1.8.7.358-7) unstable; urgency=high . [ Salvatore Bonaccorso ] * Add CVE-2013-1821.patch patch. CVE-2013-1821: Fix entity expansion DoS vulnerability in REXML. When reading text nodes from an XML document, the REXML parser could be coerced into allocating extremely large string objects which could consume all available memory on the system. (Closes: #702526) . [ Lucas Nussbaum ] * Reviewed and tested Salvatore's patch. Checksums-Sha1: f97757d388e2d8bbb486ee1c6da4c86f7a74cdda 2520 ruby1.8_1.8.7.358-7.dsc cc0a157eb61591a49ea30e835a05137bbe6bb326 58230 ruby1.8_1.8.7.358-7.debian.tar.gz 5a094f9b25fedc242bf111456addde83da0a3c08 344388 ruby1.8-examples_1.8.7.358-7_all.deb a52cd764fa295fe19deb0a57dac4191eb77f72fe 1428096 ri1.8_1.8.7.358-7_all.deb 3784d0b483a465317bf629551b2828f0d1149153 283794 ruby1.8-full_1.8.7.358-7_all.deb 2a812ee9edf9ab56eff6192ee1a95499fd759ec7 320008 ruby1.8_1.8.7.358-7_amd64.deb eaf48790bcb21136ae8fb554fe8369cf31c10db5 2088084 libruby1.8_1.8.7.358-7_amd64.deb 7d6acbf7d43d2362f14dcb689470cecd93eccff6 1810522 libruby1.8-dbg_1.8.7.358-7_amd64.deb 4220a4e2434a1d695c2392eac1e77791f51c617e 909780 ruby1.8-dev_1.8.7.358-7_amd64.deb 5db2d8c6358e0fc11894c182389849d91025fc16 3127612 libtcltk-ruby1.8_1.8.7.358-7_amd64.deb Checksums-Sha256: 1ed78e381cb91dabb1cc6587bd38526eba87863b235f77d40e9c4930c88cc9fd 2520 ruby1.8_1.8.7.358-7.dsc 9857ce6fe513904ce4243482a061867dc0e920c8384f568477e6e7fa704f149e 58230 ruby1.8_1.8.7.358-7.debian.tar.gz de1cab6fb8c2ad94185e0f7ace768aaac5352901bffde90a09a38e486e37a9b3 344388 ruby1.8-examples_1.8.7.358-7_all.deb 81e87327ac29ea1726e544235ce8a03a8eb665e8333b4f6428073a69d554a9ad 1428096 ri1.8_1.8.7.358-7_all.deb 3f55c73a045e37c2ae3e6fd9b1120f12cf384f1ac62f51f13c419071f519512c 283794 ruby1.8-full_1.8.7.358-7_all.deb b2824544d6c0e934791f8e884d4d625f6622f6b2de500f796e57d5cc9286f09b 320008 ruby1.8_1.8.7.358-7_amd64.deb 556e5134a3ecd376d1282e9b4a200a1a152e8c31c3120fe8edd2970ec8a851de 2088084 libruby1.8_1.8.7.358-7_amd64.deb ce40534d83fc74a55e546687046bcacb1fd692e0da3fa0f71cb3e04a1fe45794 1810522 libruby1.8-dbg_1.8.7.358-7_amd64.deb 356e4a72e456b72cb2f4713bb97846eacebf070eccb2d7beffaf0597c1f7f300 909780 ruby1.8-dev_1.8.7.358-7_amd64.deb 43e97ce8f7a7ee1e56a25654272ee5d08fe19e5aa3b2d620c27c6f5bce557cef 3127612 libtcltk-ruby1.8_1.8.7.358-7_amd64.deb Files: b06c42c5ebc5ea74a61621129b12e4de 2520 ruby optional ruby1.8_1.8.7.358-7.dsc d93e16c71a7d1fea03e72e3a4897dbec 58230 ruby optional ruby1.8_1.8.7.358-7.debian.tar.gz 95a323874f20acb75f3c24f6035bdad5 344388 ruby optional ruby1.8-examples_1.8.7.358-7_all.deb c1b612ada7cb5dbe3b43b3011d4d711e 1428096 ruby optional ri1.8_1.8.7.358-7_all.deb 127498207b95840b1c0111b2cedc55a5 283794 ruby optional ruby1.8-full_1.8.7.358-7_all.deb 252473502501b28d8980ceff0aec1a22 320008 ruby optional ruby1.8_1.8.7.358-7_amd64.deb cb08a0b40daa7e0f719be06d221ce3e1 2088084 libs optional libruby1.8_1.8.7.358-7_amd64.deb cbb01a9059920f5ea0541d41a63c2714 1810522 debug extra libruby1.8-dbg_1.8.7.358-7_amd64.deb 85e2e0b910b9ba88c684edad7e6dd6ec 909780 ruby optional ruby1.8-dev_1.8.7.358-7_amd64.deb f374aff949df1b4475eb172bd4df5086 3127612 ruby optional libtcltk-ruby1.8_1.8.7.358-7_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIVAwUBUT7h2jkUtTL0376ZAQpXeg/8CFRf2IvzQTRNds4r+kbKJUj/08B0VL2k p7eJNRXJN7myORYoFNPr0T0dl3eC+lTic7O5UJw0L0TIv83x7jodg1oB4JXKlLha su+xsKEiW+VBK7w3j08eUpBdslTUlRul3jA47bw15NQdwok2pLRVBqWPF5G/VkWx lly6lP+IjnawQmWjBRuRC/l0u7qLq5vWOQkN1dJDHljX6YYJNswabAjCvfnHmnGk 8WH2vgxdS7M9Yg2033zLPUZeTvcNDDRaFb/QsckIBqYbNL84mfVqd990Xv6cLgRu 0XrjH05WS9bFo/toGPpNrCVGmNII2rJ5+cHh0pCDywYuZfwglwzSkMZoHuwYsoX6 N1dYd2a8uhGvLcrbl6wQQpUPYMcCRpef55OFLJ+RUVoDLCVvQiIvhUyzEF9MQLT4 91118r9DMcZUvFMYJ9Z0+8BO4VHCPneawYOPKJPWNLkvp7bXv9ZCW86iUuiF/9IV ZW5bh61OHCN2SYPrvw6huP2PHkn9dxFtZWQXIHlni/dEH9+5IXQiXqiYaLK1PEuf ZZbvwoDWy6hn7lVPEYvLTQIEADgJjbi+Anw8iLHbzNW2NIfgFisuyLm2oLwkdKCp 05rUjdS0LPMtMa3izouiLWEdRFqTpUsfrb11jq/d3E2AtU7AjtgeIbJEMl9KvA7e j4fcRt8iqts= =seu+ -----END PGP SIGNATURE-----