ruby-bindata - Debian Package Tracker

general

versioned links

2.3.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.3.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.8-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.14-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

action needed

A new upstream version is available: 2.4.15 high

A new upstream version 2.4.15 is available, you should consider packaging it.

Created: 2023-02-11 Last update: 2023-03-25 12:08

Multiarch hinter reports 1 issue(s) normal

There are issues with the multiarch metadata for this package.

Created: 2016-11-13 Last update: 2023-03-25 07:42

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2021-32823: (needs triaging) In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. In affected versions it is very slow for certain classes in BinData to be created. For example BinData::Bit100000, BinData::Bit100001, BinData::Bit100002, BinData::Bit<N>. In combination with <user_input>.constantize there is a potential for a CPU-based DoS. In version 2.4.10 bindata improved the creation time of Bits and Integers.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-07-04 Last update: 2023-02-28 18:02

debian/patches: 1 patch to forward upstream low

Among the 2 debian patches available in version 2.4.14-1 of the package, we noticed the following issues:

1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2023-02-26 15:54

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.6.1).

Created: 2022-12-17 Last update: 2022-12-17 19:18

[2022-11-06] ruby-bindata 2.4.14-1 MIGRATED to testing (Debian testing watch)
[2022-11-03] Accepted ruby-bindata 2.4.14-1 (source) into unstable (Cédric Boutillier)
[2022-10-28] ruby-bindata REMOVED from testing (Debian testing watch)
[2022-02-08] ruby-bindata 2.4.8-2 MIGRATED to testing (Debian testing watch)
[2022-02-05] Accepted ruby-bindata 2.4.8-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-11-25] Accepted ruby-bindata 2.4.8-1~bpo10+1 (source all) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Sruthi Chandran)
[2020-11-10] ruby-bindata 2.4.8-1 MIGRATED to testing (Debian testing watch)
[2020-11-08] Accepted ruby-bindata 2.4.8-1 (source) into unstable (Abraham Raji) (signed by: Praveen Arimbrathodiyil)
[2017-06-20] ruby-bindata 2.3.5-1 MIGRATED to testing (Debian testing watch)
[2017-01-27] Accepted ruby-bindata 2.3.5-1 (source) into unstable (Lucas Albuquerque Medeiros de Moura) (signed by: Christian Hofstaedtler)
[2016-06-27] ruby-bindata 2.3.1-1 MIGRATED to testing (Debian testing watch)
[2016-06-22] Accepted ruby-bindata 2.3.1-1 (source all) into unstable, unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)

bugs [bug history graph]

links

ubuntu