Register | Log in

ruby-json

JSON library for Ruby

Choose email to subscribe with

general

source: ruby-json (main)
version: 2.3.0+dfsg-1
maintainer: Debian Ruby Extras Maintainers (archive) (DMD)
uploaders: Cédric Boutillier [DMD] – Utkarsh Gupta [DMD] – Lucas Nussbaum [DMD]
arch: any
std-ver: 4.4.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.8.1-1
o-o-sec: 1.8.1-1+deb8u1
oldstable: 2.0.1+dfsg-3
old-bpo: 2.1.0+dfsg-1~bpo9+1
stable: 2.1.0+dfsg-2
testing: 2.3.0+dfsg-1
unstable: 2.3.0+dfsg-1

versioned links

1.8.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.1-1+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.1+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.0+dfsg-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.0+dfsg-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.3.0+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ruby-json

action needed

Multiarch hinter reports 1 issue(s) normal

There are issues with the multiarch metadata for this package.

ruby-json could be marked Multi-Arch: same

Created: 2020-03-20 Last update: 2020-05-25 03:31

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2020-05-21 Last update: 2020-05-21 00:08

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2020-10663: The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.

Please fix it.

Created: 2020-04-25 Last update: 2020-04-30 06:30

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2020-10663: The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.

Please fix it.

Created: 2020-04-25 Last update: 2020-04-30 06:30

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 4.4.1).

Created: 2017-09-29 Last update: 2020-02-05 18:39

news

[2020-04-27] Accepted ruby-json 1.8.1-1+deb8u1 (source amd64) into oldoldstable (Utkarsh Gupta)
[2020-02-09] ruby-json 2.3.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-02-05] Accepted ruby-json 2.3.0+dfsg-1 (source) into unstable (Utkarsh Gupta)
[2018-03-03] ruby-json 2.1.0+dfsg-2 MIGRATED to testing (Debian testing watch)
[2018-02-25] Accepted ruby-json 2.1.0+dfsg-2 (source) into unstable (Antonio Terceiro)
[2017-09-29] Accepted ruby-json 2.1.0+dfsg-1~bpo9+1 (source amd64) into stretch-backports, stretch-backports (Miguel Landaeta)
[2017-07-24] ruby-json 2.1.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2017-07-18] Accepted ruby-json 2.1.0+dfsg-1 (source) into unstable (Cédric Boutillier)
[2017-03-17] Accepted ruby-json 2.0.1+dfsg-4 (source) into experimental (Miguel Landaeta)
[2016-12-16] ruby-json 2.0.1+dfsg-3 MIGRATED to testing (Debian testing watch)
[2016-12-05] Accepted ruby-json 2.0.1+dfsg-3 (source) into unstable (Micah Anderson)
[2016-08-02] ruby-json 2.0.1+dfsg-2 MIGRATED to testing (Debian testing watch)
[2016-07-27] Accepted ruby-json 2.0.1+dfsg-2 (source) into unstable (Lucas Nussbaum)
[2016-07-21] Accepted ruby-json 2.0.1+dfsg-1 (source) into unstable (Lucas Nussbaum)
[2015-06-26] ruby-json 1.8.3-1 MIGRATED to testing (Britney)
[2015-06-21] Accepted ruby-json 1.8.3-1 (source amd64) into unstable (Cédric Boutillier)
[2015-05-05] ruby-json 1.8.2-1 MIGRATED to testing (Britney)
[2015-04-29] Accepted ruby-json 1.8.2-1 (source amd64) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2015-04-09] Accepted ruby-json 1.8.2-1~exp2 (source amd64) into experimental (Christian Hofstaedtler)
[2015-04-09] Accepted ruby-json 1.8.2-1~exp1 (source amd64) into experimental (Christian Hofstaedtler)
[2014-04-15] ruby-json 1.8.1-1 MIGRATED to testing (Debian testing watch)
[2014-04-04] Accepted ruby-json 1.8.1-1 (source amd64) (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2013-06-03] ruby-json 1.8.0-1 MIGRATED to testing (Debian testing watch)
[2013-05-23] Accepted ruby-json 1.8.0-1 (source amd64) (Cédric Boutillier)
[2013-02-16] ruby-json 1.7.3-3 MIGRATED to testing (Debian testing watch)
[2013-02-12] Accepted ruby-json 1.7.3-3 (source amd64 all) (Cédric Boutillier)
[2012-07-07] ruby-json 1.7.3-2 MIGRATED to testing (Debian testing watch)
[2012-06-26] Accepted ruby-json 1.7.3-2 (source all amd64) (Cédric Boutillier)
[2012-06-01] ruby-json 1.7.3-1 MIGRATED to testing (Debian testing watch)
[2012-05-21] Accepted ruby-json 1.7.3-1 (source all amd64) (Cédric Boutillier) (signed by: Paul van Tilburg)

1
2

bugs [bug history graph]

all: 2
RC: 0
I&N: 1
M&W: 1
F&P: 0
patch: 0

links

homepage
lintian (0, 1)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.3.0+dfsg-1build1
1 bug

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing