Debian Package Tracker
Register | Log in
Subscribe

ruby-bindata

declarative way to read and write binary file formats

Choose email to subscribe with

general
  • source: ruby-bindata (main)
  • version: 2.4.8-2
  • maintainer: Debian Ruby Team (archive) (DMD)
  • uploaders: Pirate Praveen [DMD]
  • arch: all
  • std-ver: 4.6.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 2.3.1-1
  • oldstable: 2.3.5-1
  • old-bpo: 2.4.8-1~bpo10+1
  • stable: 2.4.8-1
  • testing: 2.4.8-2
  • unstable: 2.4.8-2
versioned links
  • 2.3.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.3.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.4.8-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.4.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.4.8-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • ruby-bindata
action needed
A new upstream version is available: 2.4.10 high
A new upstream version 2.4.10 is available, you should consider packaging it.
Created: 2021-04-25 Last update: 2022-08-17 14:37
1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:
  • CVE-2021-32823: In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. In affected versions it is very slow for certain classes in BinData to be created. For example BinData::Bit100000, BinData::Bit100001, BinData::Bit100002, BinData::Bit<N>. In combination with <user_input>.constantize there is a potential for a CPU-based DoS. In version 2.4.10 bindata improved the creation time of Bits and Integers.
Created: 2022-07-04 Last update: 2022-08-01 13:40
1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:
  • CVE-2021-32823: In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. In affected versions it is very slow for certain classes in BinData to be created. For example BinData::Bit100000, BinData::Bit100001, BinData::Bit100002, BinData::Bit<N>. In combination with <user_input>.constantize there is a potential for a CPU-based DoS. In version 2.4.10 bindata improved the creation time of Bits and Integers.
Created: 2022-07-04 Last update: 2022-08-01 13:40
Multiarch hinter reports 1 issue(s) normal
There are issues with the multiarch metadata for this package.
  • ruby-bindata could be marked Multi-Arch: foreign
Created: 2016-11-13 Last update: 2022-08-17 15:01
lintian reports 2 warnings normal
Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2021-09-06 Last update: 2022-07-30 12:16
1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:
  • CVE-2021-32823: (needs triaging) In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. In affected versions it is very slow for certain classes in BinData to be created. For example BinData::Bit100000, BinData::Bit100001, BinData::Bit100002, BinData::Bit<N>. In combination with <user_input>.constantize there is a potential for a CPU-based DoS. In version 2.4.10 bindata improved the creation time of Bits and Integers.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-07-04 Last update: 2022-08-01 13:40
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0).
Created: 2022-05-11 Last update: 2022-05-11 23:25
news
[rss feed]
  • [2022-02-08] ruby-bindata 2.4.8-2 MIGRATED to testing (Debian testing watch)
  • [2022-02-05] Accepted ruby-bindata 2.4.8-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
  • [2020-11-25] Accepted ruby-bindata 2.4.8-1~bpo10+1 (source all) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Sruthi Chandran)
  • [2020-11-10] ruby-bindata 2.4.8-1 MIGRATED to testing (Debian testing watch)
  • [2020-11-08] Accepted ruby-bindata 2.4.8-1 (source) into unstable (Abraham Raji) (signed by: Praveen Arimbrathodiyil)
  • [2017-06-20] ruby-bindata 2.3.5-1 MIGRATED to testing (Debian testing watch)
  • [2017-01-27] Accepted ruby-bindata 2.3.5-1 (source) into unstable (Lucas Albuquerque Medeiros de Moura) (signed by: Christian Hofstaedtler)
  • [2016-06-27] ruby-bindata 2.3.1-1 MIGRATED to testing (Debian testing watch)
  • [2016-06-22] Accepted ruby-bindata 2.3.1-1 (source all) into unstable, unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
bugs [bug history graph]
  • all: 1
  • RC: 0
  • I&N: 1
  • M&W: 0
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian (0, 2)
  • buildd: logs, clang, reproducibility
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 2.4.8-2

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing