Debian Package Tracker

general

source: bundler (main)
version: 1.17.3-3
maintainer: Debian Ruby Extras Maintainers (archive) (DMD)
uploaders: Scott Leggett [DMD] – Antonio Terceiro [DMD]
arch: all
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.7.4-1
oldstable: 1.13.6-2
stable: 1.17.3-3
testing: 1.17.3-3
unstable: 1.17.3-3

versioned links

1.7.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.13.6-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.17.3-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

bundler (2 bugs: 0, 2, 0, 0)
ruby-bundler

action needed

A new upstream version is available: 2.0.2 high

A new upstream version 2.0.2 is available, you should consider packaging it.

Created: 2019-08-04 Last update: 2019-10-20 15:03

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Please fix it.

Created: 2019-07-07 Last update: 2019-08-17 00:31

2 security issues in stretch high

There are 2 open security issues in stretch.

1 important issue:

CVE-2019-3881:

1 issue skipped by the security teams:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Please fix them.

Created: 2016-10-05 Last update: 2019-08-17 00:31

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Please fix it.

Created: 2016-10-05 Last update: 2019-08-17 00:31

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.17.3-4, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 6ceee782b9df9f2fac5ba66b31ec04d4a7a4d7b6
Author: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date:   Tue Aug 13 03:02:03 2019 +0530

    Update d/ch

commit b4a80fa0036f26d7a64e35475269129a491dcd2a
Author: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date:   Tue Aug 13 03:02:03 2019 +0530

    Add salsa-ci.yml

Created: 2019-08-12 Last update: 2019-10-16 22:08

lintian reports 9 warnings normal

Lintian reports 9 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-03-13 Last update: 2019-03-13 05:37

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Please fix it.

Created: 2017-06-18 Last update: 2019-08-17 00:31

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Please fix it.

Created: 2016-10-05 Last update: 2019-08-17 00:31

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.1 instead of 4.3.0).

Created: 2019-07-08 Last update: 2019-09-29 23:40

news

[rss feed]

[2019-03-20] bundler 1.17.3-3 MIGRATED to testing (Debian testing watch)
[2019-03-09] Accepted bundler 1.17.3-3 (source) into unstable (Antonio Terceiro)
[2019-02-09] bundler 1.17.3-2 MIGRATED to testing (Debian testing watch)
[2019-02-06] Accepted bundler 1.17.3-2 (source) into unstable (Lucas Kanashiro)
[2019-02-06] bundler 1.17.3-1 MIGRATED to testing (Debian testing watch)
[2019-02-03] Accepted bundler 1.17.3-1 (source) into unstable (Antonio Terceiro)
[2018-07-25] bundler 1.16.1-3 MIGRATED to testing (Debian testing watch)
[2018-07-23] Accepted bundler 1.16.1-3 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2018-05-07] bundler 1.16.1-2 MIGRATED to testing (Debian testing watch)
[2018-05-04] Accepted bundler 1.16.1-2 (source) into unstable (Antonio Terceiro)
[2018-03-21] bundler 1.16.1-1 MIGRATED to testing (Debian testing watch)
[2018-03-15] Accepted bundler 1.16.1-1 (source) into unstable (Cédric Boutillier)
[2017-07-09] bundler 1.15.1-1 MIGRATED to testing (Debian testing watch)
[2017-07-03] Accepted bundler 1.15.1-1 (source) into unstable (Lucas Nussbaum)
[2016-12-19] bundler 1.13.6-2 MIGRATED to testing (Debian testing watch)
[2016-12-08] Accepted bundler 1.13.6-2 (source) into unstable (Christian Hofstaedtler)
[2016-12-06] bundler 1.12.5-4 MIGRATED to testing (Debian testing watch)
[2016-11-30] Accepted bundler 1.12.5-4 (source) into unstable (Christian Hofstaedtler)
[2016-07-19] bundler 1.12.5-3 MIGRATED to testing (Debian testing watch)
[2016-07-13] Accepted bundler 1.12.5-3 (source) into unstable (Christian Hofstaedtler)
[2016-07-12] bundler 1.12.5-2 MIGRATED to testing (Debian testing watch)
[2016-07-05] Accepted bundler 1.12.5-2 (source) into unstable (Christian Hofstaedtler)
[2016-06-04] bundler 1.12.5-1 MIGRATED to testing (Debian testing watch)
[2016-05-29] Accepted bundler 1.12.5-1 (source) into unstable (Christian Hofstaedtler)
[2016-05-22] bundler 1.12.4-1 MIGRATED to testing (Debian testing watch)
[2016-05-16] Accepted bundler 1.12.4-1 (source) into unstable (Christian Hofstaedtler)
[2016-05-12] bundler 1.12.3-1 MIGRATED to testing (Debian testing watch)
[2016-05-06] Accepted bundler 1.12.3-1 (source) into unstable (Christian Hofstaedtler)
[2016-05-05] Accepted bundler 1.12.2-1 (source) into unstable (Christian Hofstaedtler)
[2016-05-01] Accepted bundler 1.12.1-1 (source) into unstable (Christian Hofstaedtler)

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 9)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.17.3-3
1 bug