Debian Package Tracker

general

source: bundler (main)
version: 2.1.4-3
maintainer: Debian Ruby Team (archive) (DMD)
uploaders: Utkarsh Gupta [DMD] – Scott Leggett [DMD] – Antonio Terceiro [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.7.4-1
oldstable: 1.13.6-2
stable: 1.17.3-3+deb10u1
stable-bpo: 2.1.4-2~bpo10+1
testing: 2.1.4-2
unstable: 2.1.4-3

versioned links

1.7.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.13.6-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.17.3-3+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.4-2~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.4-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.4-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

bundler
ruby-bundler

action needed

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2020-10-18 Last update: 2020-10-21 01:05

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2020-04-26 Last update: 2020-10-20 22:08

lintian reports 19 warnings normal

Lintian reports 19 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2020-08-22 06:03

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.
CVE-2019-3881: Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed.

Please fix them.

Created: 2016-10-05 Last update: 2020-10-13 17:14

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2016-7954: Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Please fix it.

Created: 2017-06-18 Last update: 2020-10-13 17:14

testing migrations

excuses:
- Migration status for bundler (2.1.4-2 to 2.1.4-3): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- bundler has no binaries on any arch
- nothing built yet, autopkgtest delayed
- Additional info:
- Cannot be tested by piuparts (not a blocker) - (no link yet)
- 8 days old (needed 5 days)
- Not considered

news

[rss feed]

[2020-10-13] Accepted bundler 2.1.4-3 (source) into unstable (Utkarsh Gupta)
[2020-07-03] Accepted bundler 2.1.4-2~bpo10+1 (source all) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Praveen Arimbrathodiyil)
[2020-06-22] bundler 2.1.4-2 MIGRATED to testing (Debian testing watch)
[2020-06-19] Accepted bundler 2.1.4-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-05-19] Accepted bundler 1.17.3-3+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Andreas Beckmann)
[2020-02-15] bundler 2.1.4-1 MIGRATED to testing (Debian testing watch)
[2020-02-07] Accepted bundler 2.1.4-1 (source) into unstable (Utkarsh Gupta)
[2019-03-20] bundler 1.17.3-3 MIGRATED to testing (Debian testing watch)
[2019-03-09] Accepted bundler 1.17.3-3 (source) into unstable (Antonio Terceiro)
[2019-02-09] bundler 1.17.3-2 MIGRATED to testing (Debian testing watch)
[2019-02-06] Accepted bundler 1.17.3-2 (source) into unstable (Lucas Kanashiro)
[2019-02-06] bundler 1.17.3-1 MIGRATED to testing (Debian testing watch)
[2019-02-03] Accepted bundler 1.17.3-1 (source) into unstable (Antonio Terceiro)
[2018-07-25] bundler 1.16.1-3 MIGRATED to testing (Debian testing watch)
[2018-07-23] Accepted bundler 1.16.1-3 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2018-05-07] bundler 1.16.1-2 MIGRATED to testing (Debian testing watch)
[2018-05-04] Accepted bundler 1.16.1-2 (source) into unstable (Antonio Terceiro)
[2018-03-21] bundler 1.16.1-1 MIGRATED to testing (Debian testing watch)
[2018-03-15] Accepted bundler 1.16.1-1 (source) into unstable (Cédric Boutillier)
[2017-07-09] bundler 1.15.1-1 MIGRATED to testing (Debian testing watch)
[2017-07-03] Accepted bundler 1.15.1-1 (source) into unstable (Lucas Nussbaum)
[2016-12-19] bundler 1.13.6-2 MIGRATED to testing (Debian testing watch)
[2016-12-08] Accepted bundler 1.13.6-2 (source) into unstable (Christian Hofstaedtler)
[2016-12-06] bundler 1.12.5-4 MIGRATED to testing (Debian testing watch)
[2016-11-30] Accepted bundler 1.12.5-4 (source) into unstable (Christian Hofstaedtler)
[2016-07-19] bundler 1.12.5-3 MIGRATED to testing (Debian testing watch)
[2016-07-13] Accepted bundler 1.12.5-3 (source) into unstable (Christian Hofstaedtler)
[2016-07-12] bundler 1.12.5-2 MIGRATED to testing (Debian testing watch)
[2016-07-05] Accepted bundler 1.12.5-2 (source) into unstable (Christian Hofstaedtler)
[2016-06-04] bundler 1.12.5-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 19)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.1.4-2
1 bug