rails - Debian Package Tracker

general

source: rails (main)
version: 2:6.0.3.5+dfsg-1
maintainer: Debian Ruby Team (archive) (DMD)
uploaders: Sruthi Chandran [DMD] – Utkarsh Gupta [DMD]
arch: all
std-ver: 4.5.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 2:4.2.7.1-1+deb9u2
old-sec: 2:4.2.7.1-1+deb9u4
old-bpo: 2:4.2.10-1~bpo9+1
stable: 2:5.2.2.1+dfsg-1+deb10u2
stable-sec: 2:5.2.2.1+dfsg-1+deb10u2
stable-bpo: 2:5.2.4.3+dfsg-2~bpo10+1
testing: 2:6.0.3.5+dfsg-1
unstable: 2:6.0.3.5+dfsg-1

versioned links

2:4.2.7.1-1+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:4.2.7.1-1+deb9u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:4.2.10-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:5.2.2.1+dfsg-1+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:5.2.4.3+dfsg-2~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:6.0.3.5+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

rails (1 bugs: 0, 0, 1, 0)
ruby-actioncable
ruby-actionmailbox
ruby-actionmailer
ruby-actionpack
ruby-actiontext
ruby-actionview
ruby-activejob
ruby-activemodel
ruby-activerecord
ruby-activestorage
ruby-activesupport
ruby-rails
ruby-railties

action needed

A new upstream version is available: 6.1.3.1 high

A new upstream version 6.1.3.1 is available, you should consider packaging it.

Created: 2020-12-10 Last update: 2021-04-14 09:36

2 security issues in buster high

There are 2 open security issues in buster.

2 important issues:

CVE-2021-22880: The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input.
CVE-2021-22881: The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. Impacted applications will have allowed hosts with a leading dot. When an allowed host contains a leading dot, a specially crafted `Host` header can be used to redirect to a malicious website.

Created: 2021-02-19 Last update: 2021-03-21 19:04

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2021-02-22 Last update: 2021-04-14 13:34

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2:6.1.0+dfsg-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit c3dce99d6cf2a150332e26978fc74fb3a022e89d
Author: Utkarsh Gupta <utkarsh@debian.org>
Date:   Sat Dec 12 03:29:30 2020 +0530

    [skip-ci] Update d/ch for 2:6.1.0+dfsg-1 -- UNRELEASED

commit c494e7924235b26352d64aa52785fdcc853b7487
Author: Utkarsh Gupta <utkarsh@debian.org>
Date:   Sat Dec 12 03:28:41 2020 +0530

    Refresh the first patch

commit ce147ea76b93fabb28575fb2507179b8ca4c350a
Merge: 4cc2f1a5 af2e81cd
Author: Utkarsh Gupta <utkarsh@debian.org>
Date:   Sat Dec 12 03:04:47 2020 +0530

    Update upstream source from tag 'upstream/6.1.0+dfsg'
    
    Update to upstream version '6.1.0+dfsg'
    with Debian dir cd9ea59184c99c7c24472016c848c2cd343ca9f4

commit af2e81cd2972bd6d68666efb6dad35293ac005f9
Author: Utkarsh Gupta <utkarsh@debian.org>
Date:   Sat Dec 12 03:04:19 2020 +0530

    New upstream version 6.1.0+dfsg

Created: 2020-10-11 Last update: 2021-04-14 03:36

news

[rss feed]

[2021-02-22] rails 2:6.0.3.5+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-02-22] rails 2:6.0.3.5+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-02-14] Accepted rails 2:6.0.3.5+dfsg-1 (source) into unstable (Utkarsh Gupta)
[2021-02-06] rails 2:6.0.3.4+dfsg-3 MIGRATED to testing (Debian testing watch)
[2021-02-03] Accepted rails 2:6.0.3.4+dfsg-3 (source) into unstable (Utkarsh Gupta)
[2020-12-14] rails 2:6.0.3.4+dfsg-2 MIGRATED to testing (Debian testing watch)
[2020-12-11] Accepted rails 2:6.0.3.4+dfsg-2 (source) into unstable (Utkarsh Gupta)
[2020-10-14] rails 2:6.0.3.4+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-10-11] Accepted rails 2:6.0.3.4+dfsg-1 (source) into unstable (Utkarsh Gupta)
[2020-10-09] Accepted rails 2:4.2.7.1-1+deb9u4 (source) into oldstable (Markus Koschany)
[2020-10-09] Accepted rails 2:5.2.4.3+dfsg-2~bpo10+1 (source all) into buster-backports (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-09-27] Accepted rails 2:5.2.2.1+dfsg-1+deb10u2 (source all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-09-24] Accepted rails 2:5.2.2.1+dfsg-1+deb10u2 (source all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-09-13] rails 2:6.0.3.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-09-11] Accepted rails 2:6.0.3.3+dfsg-1 (source) into unstable (Utkarsh Gupta)
[2020-09-07] rails 2:6.0.3.2+dfsg-11 MIGRATED to testing (Debian testing watch)
[2020-08-28] Accepted rails 2:6.0.3.2+dfsg-11 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-08-27] Accepted rails 2:6.0.3.2+dfsg-10 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-08-11] Accepted rails 2:6.0.3.2+dfsg-9 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-08-07] Accepted rails 2:6.0.3.2+dfsg-8 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-08-04] Accepted rails 2:6.0.3.2+dfsg-7 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-08-03] Accepted rails 2:6.0.3.2+dfsg-6 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-08-03] Accepted rails 2:6.0.3.2+dfsg-5 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-08-02] Accepted rails 2:6.0.3.2+dfsg-4 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-08-02] Accepted rails 2:6.0.3.2+dfsg-3 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-07-29] Accepted rails 2:6.0.3.2+dfsg-2 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-07-20] Accepted rails 2:4.2.7.1-1+deb9u3 (source) into oldstable (Sylvain Beucler)
[2020-07-01] Accepted rails 2:6.0.3.2+dfsg-1 (source) into experimental (Utkarsh Gupta)
[2020-06-19] Accepted rails 2:4.1.8-1+deb8u7 (source all) into oldoldstable (Sylvain Beucler)
[2020-06-15] rails 2:5.2.4.3+dfsg-2 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 1
RC: 0
I&N: 0
M&W: 1
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2:6.0.3.5+dfsg-1build1
6 bugs