Debian Package Tracker

general

source: ruby-openid (main)
version: 2.7.0debian-1
maintainer: Debian Ruby Extras Maintainers (archive) (DMD)
uploaders: Paul van Tilburg [DMD] – Cédric Boutillier [DMD]
arch: all
std-ver: 3.9.6
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.5.0debian-1
oldstable: 2.7.0debian-1
stable: 2.7.0debian-1
unstable: 2.7.0debian-1

versioned links

2.5.0debian-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.0debian-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ruby-openid

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

redirecting DEPRECATED pkg-ruby-extras.alioth.debian.org/cgi-bin/gemwatch to gemwatch.debian.net

Created: 2018-05-06 Last update: 2019-09-22 06:40

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-11027: Ruby OpenID (aka ruby-openid) through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developers who based their OpenID integration heavily on the "example app" provided by the project are at highest risk.

Please fix it.

Created: 2019-06-11 Last update: 2019-08-07 18:16

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2019-11027: Ruby OpenID (aka ruby-openid) through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developers who based their OpenID integration heavily on the "example app" provided by the project are at highest risk.

Please fix it.

Created: 2019-06-11 Last update: 2019-08-07 18:16

1 security issue in stretch high

There is 1 open security issue in stretch.

1 important issue:

CVE-2019-11027: Ruby OpenID (aka ruby-openid) through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developers who based their OpenID integration heavily on the "example app" provided by the project are at highest risk.

Please fix it.

Created: 2019-06-11 Last update: 2019-08-07 18:16

1 security issue in jessie high

There is 1 open security issue in jessie.

1 important issue:

CVE-2019-11027: Ruby OpenID (aka ruby-openid) through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developers who based their OpenID integration heavily on the "example app" provided by the project are at highest risk.

Please fix it.

Created: 2019-06-11 Last update: 2019-08-07 18:16

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 3.9.6).

Created: 2018-04-16 Last update: 2019-07-08 20:08

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2019-08-07 Last update: 2019-09-22 12:08

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.7.0debian-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 13808b7de2f0f88249b57958cdeed4bf06fcc6db
Author: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date:   Tue Aug 13 06:18:54 2019 +0530

    Update d/ch

commit 125e91ecdbb17cc1861c5c69b787d39e4c0b42db
Author: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date:   Tue Aug 13 06:18:53 2019 +0530

    Add salsa-ci.yml

commit 07e9af88faad9612ce40eae5fe3424d610f36d8b
Author: Cédric Boutillier <boutil@moszumanska.debian.org>
Date:   Fri Mar 4 15:15:08 2016 +0000

    Run wrap-and-sort on packaging files

commit 4f08f8b3523e9619972fe4c0c9f03d5c3bd8f088
Author: Cédric Boutillier <boutil@moszumanska.debian.org>
Date:   Fri Mar 4 13:06:50 2016 +0000

    Bump Standards-Version to 3.9.7 (no changes needed)

commit d02cfaa537599274b5f61a8127ce1e2ac4a4513f
Author: Cédric Boutillier <boutil@moszumanska.debian.org>
Date:   Fri Mar 4 12:50:50 2016 +0000

    Use https:// in Vcs-* fields

commit 223f89bafd4ce3848427e05c811b92fd9bc04bd8
Author: Cédric Boutillier <boutil@moszumanska.debian.org>
Date:   Fri Mar 4 12:30:35 2016 +0000

    Use https:// in Vcs-* fields

commit 892f42aa206ece05f5b8d0b9d22269949dfe1443
Author: Cédric Boutillier <boutil@moszumanska.debian.org>
Date:   Fri Mar 4 11:58:24 2016 +0000

    Remove version in the gem2deb build-dependency

commit 81ee82afc829066bf085afdbaa96ed6d5df4d666
Author: Cédric Boutillier <boutil@moszumanska.debian.org>
Date:   Fri Mar 4 11:08:40 2016 +0000

    Bump debhelper compatibility level to 9

The Vcs URL git://anonscm.debian.org/pkg-ruby-extras/ruby-openid.git is deprecated/defunct, https://anonscm.debian.org/git/pkg-ruby-extras/ruby-openid.git was tried instead. Please update the Vcs field in debian/control.

Created: 2017-12-03 Last update: 2019-09-22 06:44

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-08-28 Last update: 2019-08-28 02:40

The URL(s) for this package had some recent persistent issues low

DUCK reports some issues concerning upstream URLs defined for this package.

Created: 2019-01-12 Last update: 2019-09-22 11:39

testing migrations

excuses:
- Migration status for ruby-openid (- to 2.7.0debian-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- Updating ruby-openid introduces new bugs: #930388
- Not built on buildd: arch all binaries uploaded by cedric.boutillier@gmail.com, a new source-only upload is needed to allow migration
- Additional info:
- Piuparts tested OK - https://piuparts.debian.org/sid/source/r/ruby-openid.html
- 1504 days old (needed 5 days)
- Not considered

news

[rss feed]

[2019-08-08] ruby-openid REMOVED from testing (Debian testing watch)
[2015-08-15] ruby-openid 2.7.0debian-1 MIGRATED to testing (Britney)
[2015-08-09] Accepted ruby-openid 2.7.0debian-1 (source all) into unstable (Cédric Boutillier)
[2014-03-20] ruby-openid 2.5.0debian-1 MIGRATED to testing (Debian testing watch)
[2014-03-14] Accepted ruby-openid 2.5.0debian-1 (source all) (Cédric Boutillier)
[2013-03-09] ruby-openid 2.1.8debian-6 MIGRATED to testing (Debian testing watch)
[2013-03-06] Accepted ruby-openid 2.1.8debian-6 (source all) (Cédric Boutillier)
[2012-07-07] ruby-openid 2.1.8debian-5 MIGRATED to testing (Debian testing watch)
[2012-06-26] Accepted ruby-openid 2.1.8debian-5 (source all) (Cédric Boutillier)
[2012-05-31] ruby-openid 2.1.8debian-4 MIGRATED to testing (Debian testing watch)
[2012-05-20] Accepted ruby-openid 2.1.8debian-4 (source all) (Paul van Tilburg)
[2012-05-20] Accepted ruby-openid 2.1.8debian-3 (source all) (Paul van Tilburg)

bugs [bug history graph]

all: 1
RC: 1
I&N: 0
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, clang
popcon
browse source code
edit tags
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.7.0debian-1