Debian Package Tracker

general

source: bundler (main)
version: 1.16.1-3
maintainer: Debian Ruby Extras Maintainers (archive) [DMD]
uploaders: Scott Leggett [DMD] – Antonio Terceiro [DMD]
arch: all
std-ver: 4.1.5
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.1.4-6
oldstable: 1.7.4-1
old-bpo: 1.11.2-1~bpo8+1
stable: 1.13.6-2
testing: 1.16.1-3
unstable: 1.16.1-3

versioned links

1.1.4-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.7.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.11.2-1~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.13.6-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.16.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

bundler
ruby-bundler

action needed

A new upstream version is available: 1.17.2 high

A new upstream version 1.17.2 is available, you should consider packaging it.

Created: 2018-05-17 Last update: 2018-12-19 07:11

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Please fix it.

Created: 2016-10-05 Last update: 2018-07-25 08:21

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Please fix it.

Created: 2017-06-18 Last update: 2018-07-25 08:21

5 new commits since last upload, time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.17.1-1, distribution unstable) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 5c0567c6c051e550db510b9ce69e7f872350cae0
Author: Antonio Terceiro <terceiro@debian.org>
Date:   Wed Nov 28 10:41:39 2018 -0200

    Refresh patches again

commit b3a91f01385ebb1f313559ed8236dadae00b48b8
Author: Antonio Terceiro <terceiro@debian.org>
Date:   Wed Nov 28 10:34:45 2018 -0200

    New upstream version 1.17.1

commit 093a9a80b2eaf6dcd404f237bbcb8e6f616e9cd3
Author: Antonio Terceiro <terceiro@debian.org>
Date:   Wed Nov 28 10:34:43 2018 -0200

    New upstream version 1.17.1

commit 757b1577b4babeee47727b9ba30d9714407638b2
Author: Antonio Terceiro <terceiro@debian.org>
Date:   Mon Sep 24 21:40:52 2018 -0300

    Refresh patches against new upstream release

commit 40b8c408d3ae0833eb63624bca2e51541c996894
Author: Antonio Terceiro <terceiro@debian.org>
Date:   Mon Sep 24 21:33:37 2018 -0300

    New upstream version 1.16.5

Created: 2018-11-28 Last update: 2018-12-18 15:39

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2018-09-11 Last update: 2018-09-11 08:01

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Please fix it.

Created: 2016-10-05 Last update: 2018-07-25 08:21

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Please fix it.

Created: 2016-10-05 Last update: 2018-07-25 08:21

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.1.5).

Created: 2018-08-20 Last update: 2018-08-26 08:17

news

[rss feed]

[2018-07-25] bundler 1.16.1-3 MIGRATED to testing (Debian testing watch)
[2018-07-23] Accepted bundler 1.16.1-3 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2018-05-07] bundler 1.16.1-2 MIGRATED to testing (Debian testing watch)
[2018-05-04] Accepted bundler 1.16.1-2 (source) into unstable (Antonio Terceiro)
[2018-03-21] bundler 1.16.1-1 MIGRATED to testing (Debian testing watch)
[2018-03-15] Accepted bundler 1.16.1-1 (source) into unstable (Cédric Boutillier)
[2017-07-09] bundler 1.15.1-1 MIGRATED to testing (Debian testing watch)
[2017-07-03] Accepted bundler 1.15.1-1 (source) into unstable (Lucas Nussbaum)
[2016-12-19] bundler 1.13.6-2 MIGRATED to testing (Debian testing watch)
[2016-12-08] Accepted bundler 1.13.6-2 (source) into unstable (Christian Hofstaedtler)
[2016-12-06] bundler 1.12.5-4 MIGRATED to testing (Debian testing watch)
[2016-11-30] Accepted bundler 1.12.5-4 (source) into unstable (Christian Hofstaedtler)
[2016-07-19] bundler 1.12.5-3 MIGRATED to testing (Debian testing watch)
[2016-07-13] Accepted bundler 1.12.5-3 (source) into unstable (Christian Hofstaedtler)
[2016-07-12] bundler 1.12.5-2 MIGRATED to testing (Debian testing watch)
[2016-07-05] Accepted bundler 1.12.5-2 (source) into unstable (Christian Hofstaedtler)
[2016-06-04] bundler 1.12.5-1 MIGRATED to testing (Debian testing watch)
[2016-05-29] Accepted bundler 1.12.5-1 (source) into unstable (Christian Hofstaedtler)
[2016-05-22] bundler 1.12.4-1 MIGRATED to testing (Debian testing watch)
[2016-05-16] Accepted bundler 1.12.4-1 (source) into unstable (Christian Hofstaedtler)
[2016-05-12] bundler 1.12.3-1 MIGRATED to testing (Debian testing watch)
[2016-05-06] Accepted bundler 1.12.3-1 (source) into unstable (Christian Hofstaedtler)
[2016-05-05] Accepted bundler 1.12.2-1 (source) into unstable (Christian Hofstaedtler)
[2016-05-01] Accepted bundler 1.12.1-1 (source) into unstable (Christian Hofstaedtler)
[2016-04-12] Accepted bundler 1.11.2-1~bpo8+1 (source all) into jessie-backports, jessie-backports (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2016-02-27] bundler 1.11.2-1 MIGRATED to testing (Debian testing watch)
[2016-02-21] Accepted bundler 1.11.2-1 (source all) into unstable, unstable (Antonio Terceiro)
[2015-10-07] bundler 1.10.6-2 MIGRATED to testing (Britney)
[2015-10-01] Accepted bundler 1.10.6-2 (source) into unstable (Antonio Terceiro)
[2015-08-24] bundler 1.10.6-1 MIGRATED to testing (Britney)

bugs [bug history graph]

all: 3
RC: 0
I&N: 3
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.16.1-3
1 bug