-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 04 Dec 2013 10:34:24 +0100 Source: rails-4.0 Binary: ruby-activesupport-4.0 ruby-activerecord-4.0 ruby-activemodel-4.0 ruby-actionpack-4.0 ruby-actionmailer-4.0 ruby-railties-4.0 ruby-rails-4.0 Architecture: source all Version: 4.0.2+dfsg-1 Distribution: unstable Urgency: low Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org> Changed-By: Ondřej Surý <ondrej@debian.org> Description: ruby-actionmailer-4.0 - email composition, delivery, and receiving framework (part of Rai ruby-actionpack-4.0 - web-flow and rendering framework putting the VC in MVC (part of R ruby-activemodel-4.0 - toolkit for building modeling frameworks (part of Rails) ruby-activerecord-4.0 - object-relational mapper framework (part of Rails) ruby-activesupport-4.0 - Support and utility classes used by the Rails 4.0 framework ruby-rails-4.0 - MVC ruby based framework geared for web application development ruby-railties-4.0 - MVC ruby based framework geared for web application development Changes: rails-4.0 (4.0.2+dfsg-1) unstable; urgency=low . [ Antonio Terceiro ] * ruby-actionpack-4.0: tighten versioned dependency on ruby-rack to take epoch into account. . [ Ondřej Surý ] * New upstream version 4.0.2+dfsg, fixes: + [CVE-2013-6417] Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk) + [CVE-2013-4491] Reflective XSS Vulnerability in Ruby on Rails + [CVE-2013-6415] XSS Vulnerability in number_to_currency + [CVE-2013-6414] Denial of Service Vulnerability in Action View + [CVE-2013-6416] XSS Vulnerability in simple_format helper Checksums-Sha1: a71aaff6aba18e851784069f620e47b7b2982cb7 1821 rails-4.0_4.0.2+dfsg-1.dsc 3df0ac64ff0fab7a996d533660b647b0a4e570b3 1430448 rails-4.0_4.0.2+dfsg.orig.tar.xz a38bab3245a16446c747a28cbf51b59feaede93f 12507 rails-4.0_4.0.2+dfsg-1.debian.tar.gz 1adce4290a9107708f35158fd565b67c71d21f2f 197722 ruby-activesupport-4.0_4.0.2+dfsg-1_all.deb 76df09fb7f0b81268b61aeb3db5ccfa046dab716 258732 ruby-activerecord-4.0_4.0.2+dfsg-1_all.deb f4adc8dedb321328176ea772adf98709d275b0c9 47520 ruby-activemodel-4.0_4.0.2+dfsg-1_all.deb 25a19384475e437301ae49694192e679fbc7ee0f 283494 ruby-actionpack-4.0_4.0.2+dfsg-1_all.deb 6e759add6350a6bd8e1fcb87bcd123ad165f2e77 27290 ruby-actionmailer-4.0_4.0.2+dfsg-1_all.deb 5d7ddf64e24539d4f8b25ab2d89a6d5ceef59ef0 110512 ruby-railties-4.0_4.0.2+dfsg-1_all.deb 7241a971fb6dec285a67eee6ab448fc02f96ea04 11870 ruby-rails-4.0_4.0.2+dfsg-1_all.deb Checksums-Sha256: 5ab629be7b51f8c67e52a4b7d8db27532cd8a46f9ab643b2ea9dfa8b5703ec1b 1821 rails-4.0_4.0.2+dfsg-1.dsc 085d7b821936dee635316540bab80fd07444f9669f00a61f7ef277cb93a8ecd7 1430448 rails-4.0_4.0.2+dfsg.orig.tar.xz 4794c07dd147de21c38fd2ee32f26c703ee6ac15cd73b7093ea8733507ff7158 12507 rails-4.0_4.0.2+dfsg-1.debian.tar.gz ff41b79e6d0924384207145b0fd72a03a10de83600b18f29646a4483466b361f 197722 ruby-activesupport-4.0_4.0.2+dfsg-1_all.deb 45c5abd87a55720df34dcab61247a67d6b16f789a1f5bca33c9b3e04fd60d6b7 258732 ruby-activerecord-4.0_4.0.2+dfsg-1_all.deb 8db6f0c9ae693aa88780bd3e60f983d91e9778076f6c40d56ddee1c55f00e7c7 47520 ruby-activemodel-4.0_4.0.2+dfsg-1_all.deb ad94f3037522910173f81c718d651a530e4852b52b9620f744b6701575d9c8f3 283494 ruby-actionpack-4.0_4.0.2+dfsg-1_all.deb 3ea3572df52fb7c001e527e14a2496ec9cd666beaca2e49b941ecf4c252743ac 27290 ruby-actionmailer-4.0_4.0.2+dfsg-1_all.deb 697a54a7fb6a7d4292154290cd32262bcbe5c67ce521520dea3d40095c1ba6a1 110512 ruby-railties-4.0_4.0.2+dfsg-1_all.deb 7c1603d98d3277d6f07d80269c38876fccfa59a5bd66b38b58b6da72cdec07ec 11870 ruby-rails-4.0_4.0.2+dfsg-1_all.deb Files: c20f1b98be449304c7b7aed30fd05d22 1821 ruby optional rails-4.0_4.0.2+dfsg-1.dsc 1243acdf1ce0b7419fac957a24ea482c 1430448 ruby optional rails-4.0_4.0.2+dfsg.orig.tar.xz 047f3001270513f9135bddcdf9a6c99a 12507 ruby optional rails-4.0_4.0.2+dfsg-1.debian.tar.gz bc915d5259f7e71de7b0e16079fa1620 197722 ruby optional ruby-activesupport-4.0_4.0.2+dfsg-1_all.deb c62a2e67eb1235577dd0c968330594fa 258732 ruby optional ruby-activerecord-4.0_4.0.2+dfsg-1_all.deb 94b1cabf96fa43e4f26db31ae2334c9d 47520 ruby optional ruby-activemodel-4.0_4.0.2+dfsg-1_all.deb d6d11194afbcd5b4170ed9e5f30abb37 283494 ruby optional ruby-actionpack-4.0_4.0.2+dfsg-1_all.deb 1b9edd27a2b12cc74f21551a3011f301 27290 ruby optional ruby-actionmailer-4.0_4.0.2+dfsg-1_all.deb 2567e617b8dcb2760bb8e31237007984 110512 ruby optional ruby-railties-4.0_4.0.2+dfsg-1_all.deb 4ece26e72997c586da75a632e0a026fb 11870 ruby optional ruby-rails-4.0_4.0.2+dfsg-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlKe+cUACgkQ9OZqfMIN8nN/MgCeP2HzuI6FbRhN6p/vkeamKrdT D9MAn1D4e8JKvVOfwc9G7uQYAabLA06Z =Qw6v -----END PGP SIGNATURE-----