Debian Package Tracker

From: Salvatore Bonaccorso <carnil@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted ruby-yajl 1.2.0-3.1 (source) into unstable
Date: Wed, 08 Nov 2017 13:52:37 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 08 Nov 2017 07:31:37 +0100
Source: ruby-yajl
Binary: ruby-yajl
Architecture: source
Version: 1.2.0-3.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 880691
Description: 
 ruby-yajl  - Ruby interface to Yajl, a JSON stream-based parser library
Changes:
 ruby-yajl (1.2.0-3.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2017-16516: Crafted JSON file allows to crash ruby process with a
     SIGABRT in the yajl_string_decode function (Closes: #880691)
Checksums-Sha1: 
 7aba26f825c8ad16728d4b79f72b3cc0885c4e31 2316 ruby-yajl_1.2.0-3.1.dsc
 4c3154e35aa82e0143194047d83190f79167f35c 6048 ruby-yajl_1.2.0-3.1.debian.tar.xz
 2339a8cdb8ad028a3bae8db1a56d7c54ed1fd0cb 5920 ruby-yajl_1.2.0-3.1_source.buildinfo
Checksums-Sha256: 
 1b7deee6177ebdccdf8fe6c4d075be44dc9679ca0f43851acece9b6940811d29 2316 ruby-yajl_1.2.0-3.1.dsc
 e47d1bca00facfb09e214d803bde385357ca1b46712b44b98a30cf329e4877f3 6048 ruby-yajl_1.2.0-3.1.debian.tar.xz
 c62ba380bd3a786266893c0032d4a7c198f524b8d94e6740116f519e116ff9cf 5920 ruby-yajl_1.2.0-3.1_source.buildinfo
Files: 
 b77ddbe13a375c5eebbb207628e63ed7 2316 ruby optional ruby-yajl_1.2.0-3.1.dsc
 f41ded7b1f374fce0227e8f5dad05c70 6048 ruby optional ruby-yajl_1.2.0-3.1.debian.tar.xz
 1130f4551e43a73c19a1c1a1f2f9499e 5920 ruby optional ruby-yajl_1.2.0-3.1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAloCpxpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EbVgP/RZ5jpDvRhPBULOS41ftzIgRXrRahPfl
LXCUFU4UALgk7GxsiCgv7hzaWTl6C2R5KSW0WpTps0+wF/rLuJR4a1ww/+A4ZMD+
xXORW2pn5v6eQ4K0e/J2CVIndm/cuBNlgoUoqL+ehUKKmclL6e+Wf4evYQdCxhxA
xS5wSbRS+KVeY9EsqBk+/iU3dbmqKGc6Sd4Ufqoj2fxeY9ECPMmn2v1pNV/Oj8YZ
azrlo4pAI/IcVnrksPDqGyXg+2LPt2oBJsNDMjrZ0/O+gz6mAh561vRoVRxXewNa
sh/P717SRKp3UxfGAEGjh30SPX1M9bQ3cfXaJ2qXufDsjNt/wWd9g8oIAvMP5SAF
zbpVWR6l4Ufa/DEuQDSNhGYjNVxbRbZIqGwuYA2nXz6/9Y05oaV9ui1rwU4puBD4
BHDS4V6KG7w7fo9pcDPHB9iwehWMuCZ/Idx5xuE9qbXzqes2GuJ9JnwJYD7yzwNn
gNC3UWUJU/QbUxHaUedTawhvFamPTmtj0Ai82kHXQEVZZ0qN3wCQo+N2WAIpWM8j
C2GPk1S6yGJERsgKmiv0Sqw3PpbU9fYE243yF8boyf+7jhkkUo3yVkliKDhUYcVP
2gJVYjbfUjjSUxJcacdtdgr/4JPik64tg/AdBrauu82L5RstjiDaBio7GnFFJHLH
FWj4kIE/dPzc
=bqYs
-----END PGP SIGNATURE-----
News for package ruby-yajl
