-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 10 May 2014 14:33:15 -0300 Source: ruby-actionpack-3.2 Binary: ruby-actionpack-3.2 Architecture: source all Version: 3.2.6-6+deb7u2 Distribution: wheezy-security Urgency: medium Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org> Changed-By: Antonio Terceiro <terceiro@debian.org> Description: ruby-actionpack-3.2 - web-flow and rendering framework putting the VC in MVC (part of R Closes: 747641 Changes: ruby-actionpack-3.2 (3.2.6-6+deb7u2) wheezy-security; urgency=medium . * [CVE-2014-0081] XSS Vulnerability in number_to_currency, number_to_percentage and number_to_human * [CVE-2014-0082] Denial of Service Vulnerability in Action View when using render :text * [CVE-2014-0130] Directory Traversal Vulnerability With Certain Route Configurations (Closes: #747641) Checksums-Sha1: 970d1218c24119d33517e9d54334f41b967587e6 2337 ruby-actionpack-3.2_3.2.6-6+deb7u2.dsc 0fedcc1db03668d3d068a4b46c82757da68cf07a 10964 ruby-actionpack-3.2_3.2.6-6+deb7u2.debian.tar.gz 228277235a288b19412fd47a2c072e0a9e26883e 388116 ruby-actionpack-3.2_3.2.6-6+deb7u2_all.deb Checksums-Sha256: f7c9fae84baae2a547301fb9dc470dbffdce92716e49bd8a4ea4c7fae0bf64e0 2337 ruby-actionpack-3.2_3.2.6-6+deb7u2.dsc 672a6c853e1a1d3efe5183323495b3b39e91bdffe7ea12aa20cefec1e867da5c 10964 ruby-actionpack-3.2_3.2.6-6+deb7u2.debian.tar.gz d74c53be5deacdfc8aae3df588ed1c8074e9db62388a4d35477df7fdb9d668f3 388116 ruby-actionpack-3.2_3.2.6-6+deb7u2_all.deb Files: 16b4c9a6a8adaac52b9400d75d8cf104 2337 ruby optional ruby-actionpack-3.2_3.2.6-6+deb7u2.dsc c14ff8fbf4b23dce47c358a4d0281d96 10964 ruby optional ruby-actionpack-3.2_3.2.6-6+deb7u2.debian.tar.gz 4074ef740338fa3aef161b96658071ad 388116 ruby optional ruby-actionpack-3.2_3.2.6-6+deb7u2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJTc66iAAoJEPwNsbvNRgvekTsQAK8Dzt6xw9ZxnK9LGxzFa+eC 0bVdarM4uPz4BsHuYGF4npQGijvWzVzNTpjbTgB4L0dt5AccHaVUQ2gpdIyNPFIr ewNoqQ/fQjCX7Y7TyII7lPY/Vkas2n80i42F/IAlVSkJpwkRZFolHvwEkVfC4cFe FJhMJ8rPeexva7lC0qK0c3+qbz/6ZHovCT8Y1O70Xk4eFHa85am2eiE+rO3WPnrF W7BmR0fhVOu3zj/5T+qxfcajfaYVDw5dcQkqL1IzBQdxvgUkAdF8yCXHz9QzfX5C 9Vkb7HZUUFmN/negmyq3aQsHP0JXaXTux2WsOSbKuN8t0cIftwaEZ8iqZsZfna/1 aJiIq7awdufW7pp6qGtbtRpu0kNwGPTt+ws4Y/yZu37lIb8w67x8bYeCricozFPG o88Bf5Mzk8T3uxPH0H5Z9U1/6GZWAiVuU4uvyI/+xYjDGof2eU9esv+qtWjTFvGo YDpPkPAEtt3j/ThHjeN5fjELVvu6tG/AL84Dw/bPrFWJ6CG/uYYVb3r6fsI26dXZ K/uzWNqLLyGD1f/ssahXNqj+EfUJMX/0VrLZX7+nky2v6MuHE8rury7Ndgrv3AKr oApzquSPicnjJwSzEEJNVaMUUuKC7Ec7GXzmAU0bhe21Y508I8o7bqdPuynwp9wN LkhR4taAiVRIlfGw/sr5 =vu6f -----END PGP SIGNATURE-----