Register | Log in

ruby-devise

Flexible authentication solution for Rails with Warden

Choose email to subscribe with

general

source: ruby-devise (main)
version: 4.6.2-2
maintainer: Debian Ruby Extras Maintainers (archive) (DMD)
uploaders: Markus Tornow [DMD] – Pirate Praveen [DMD]
arch: all
std-ver: 4.4.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 4.2.0-1
old-bpo: 4.4.3-1~bpo9+1
stable: 4.5.0-3
testing: 4.6.2-2
unstable: 4.6.2-2

versioned links

4.2.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.4.3-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.5.0-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.6.2-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ruby-devise (1 bugs: 0, 1, 0, 0)

action needed

A new upstream version is available: 4.7.1 high

A new upstream version 4.7.1 is available, you should consider packaging it.

Created: 2019-02-25 Last update: 2019-12-05 20:50

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2019-5421: Plataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. File location: lib/devise/models/lockable.rb that can result in Multiple concurrent requests can prevent an attacker from being blocked on brute force attacks. This attack appear to be exploitable via Network connectivity - brute force attacks. This vulnerability appears to have been fixed in 4.6.0 and later.

Please fix it.

Created: 2019-04-04 Last update: 2019-11-23 06:49

news

[2019-11-23] ruby-devise 4.6.2-2 MIGRATED to testing (Debian testing watch)
[2019-11-19] Accepted ruby-devise 4.6.2-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2019-05-24] ruby-devise 4.5.0-3 MIGRATED to testing (Debian testing watch)
[2019-05-21] Accepted ruby-devise 4.5.0-3 (source) into unstable (Utkarsh Gupta)
[2019-05-21] Accepted ruby-devise 4.6.2-1 (source) into experimental (Utkarsh Gupta)
[2019-03-10] ruby-devise 4.5.0-2 MIGRATED to testing (Debian testing watch)
[2019-02-27] Accepted ruby-devise 4.5.0-2 (source) into unstable (Antonio Terceiro)
[2019-01-06] ruby-devise 4.5.0-1 MIGRATED to testing (Debian testing watch)
[2018-12-31] Accepted ruby-devise 4.5.0-1 (source) into unstable (Utkarsh Gupta) (signed by: Praveen Arimbrathodiyil)
[2018-05-15] Accepted ruby-devise 4.4.3-1~bpo9+1 (source all) into stretch-backports, stretch-backports (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2018-03-27] ruby-devise 4.4.3-1 MIGRATED to testing (Debian testing watch)
[2018-03-21] Accepted ruby-devise 4.4.3-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2017-09-21] ruby-devise 4.3.0-1 MIGRATED to testing (Debian testing watch)
[2017-09-15] Accepted ruby-devise 4.3.0-1 (source) into unstable (Sruthi Chandran) (signed by: Praveen Arimbrathodiyil)
[2016-09-23] ruby-devise 4.2.0-1 MIGRATED to testing (Debian testing watch)
[2016-09-18] Accepted ruby-devise 4.2.0-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2016-09-13] Accepted ruby-devise 4.1.1-4 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2016-09-01] ruby-devise 4.1.1-3 MIGRATED to testing (Debian testing watch)
[2016-08-26] Accepted ruby-devise 4.1.1-3 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2016-07-17] ruby-devise 4.1.1-2 MIGRATED to testing (Debian testing watch)
[2016-07-09] Accepted ruby-devise 4.1.1-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2016-06-12] Accepted ruby-devise 4.1.1-1 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2016-03-09] ruby-devise 3.5.6-2 MIGRATED to testing (Debian testing watch)
[2016-03-04] Accepted ruby-devise 3.5.6-2 (source all) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2016-02-23] Accepted ruby-devise 3.5.6-1 (source all) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2016-01-09] ruby-devise 3.5.2-3 MIGRATED to testing (Debian testing watch)
[2016-01-03] Accepted ruby-devise 3.5.2-3 (source all) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2015-12-20] ruby-devise 3.5.2-2 MIGRATED to testing (Debian testing watch)
[2015-11-11] Accepted ruby-devise 3.5.2-2 (source) into unstable (Antonio Terceiro)
[2015-10-29] Accepted ruby-devise 3.5.2-1 (source all) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)

1
2

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.6.2-2

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing