Debian Package Tracker - ruby-rack-protection

general

source: ruby-rack-protection (main)
version: 1.5.3-2
maintainer: Debian Ruby Extras Maintainers (archive) [DMD]
uploaders: Youhei SASAKI [DMD] [dm]
arch: all
std-ver: 3.9.6
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.2.0-1
o-o-bpo: 1.5.0-2~bpo70+1
oldstable: 1.5.2-1
stable: 1.5.3-2
testing: 1.5.3-2
unstable: 1.5.3-2

versioned links

1.2.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.0-2~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.3-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ruby-rack-protection

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

redirecting DEPRECATED pkg-ruby-extras.alioth.debian.org/cgi-bin/gemwatch to gemwatch.debian.net

Created: 2018-05-06 Last update: 2018-06-23 14:21

A new upstream version is available: 2.0.3 high

A new upstream version 2.0.3 is available, you should consider packaging it.

Created: 2017-11-21 Last update: 2018-06-23 14:21

Error while accessing the VCS repository. Please troubleshoot and fix the issue. high

vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

remote: Retry later fatal: unable to access 'https://salsa.debian.org/ruby-team/ruby-rack-protection/': The requested URL returned error: 429

Created: 2017-12-03 Last update: 2018-06-23 03:14

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2018-1000119: Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.

Please fix it.

Created: 2018-03-07 Last update: 2018-06-02 08:03

1 security issue in stretch high

There is 1 open security issue in stretch.

1 important issue:

CVE-2018-1000119: Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.

Please fix it.

Created: 2018-03-07 Last update: 2018-06-02 08:03

1 security issue in jessie high

There is 1 open security issue in jessie.

1 important issue:

CVE-2018-1000119: Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.

Please fix it.

Created: 2018-03-07 Last update: 2018-06-02 08:03

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2018-1000119: Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.

Please fix it.

Created: 2018-03-07 Last update: 2018-06-02 08:03

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.1.4 instead of 3.9.6).

Created: 2018-04-16 Last update: 2018-04-16 20:51

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2018-03-07 Last update: 2018-06-23 13:58

lintian reports 3 warnings normal

Lintian reports 3 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2016-09-15 Last update: 2018-04-15 07:58

The URL(s) for this package had some recent persistent issues low

DUCK reports some issues concerning upstream URLs defined for this package.

Created: 2018-06-10 Last update: 2018-06-23 14:28

news

[rss feed]

[2015-09-08] ruby-rack-protection 1.5.3-2 MIGRATED to testing (Britney)
[2015-09-02] Accepted ruby-rack-protection 1.5.3-2 (source all) into unstable (Balasankar C) (signed by: Praveen Arimbrathodiyil)
[2015-08-29] Accepted ruby-rack-protection 1.5.3-1 (source all) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2014-03-29] ruby-rack-protection 1.5.2-1 MIGRATED to testing (Debian testing watch)
[2014-03-23] Accepted ruby-rack-protection 1.5.2-1 (source all) (Youhei SASAKI)
[2013-11-10] ruby-rack-protection 1.5.1-1 MIGRATED to testing (Debian testing watch)
[2013-10-30] Accepted ruby-rack-protection 1.5.1-1 (source all) (Youhei SASAKI)
[2013-07-04] ruby-rack-protection 1.5.0-2 MIGRATED to testing (Debian testing watch)
[2013-06-23] Accepted ruby-rack-protection 1.5.0-2 (source all) (Jérémy Bobbio)
[2013-03-31] Accepted ruby-rack-protection 1.5.0-1 (source all) (Youhei SASAKI)
[2013-01-07] Accepted ruby-rack-protection 1.3.2-1 (source all) (Youhei SASAKI)
[2012-07-08] ruby-rack-protection 1.2.0-1 MIGRATED to testing (Debian testing watch)
[2012-06-28] Accepted ruby-rack-protection 1.2.0-1 (source all) (Youhei SASAKI) (signed by: Paul van Tilburg)

bugs [bug history graph]

all: 1
RC: 1
I&N: 0
M&W: 0
F&P: 0

links

homepage
lintian (0, 3)
buildd: logs, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.5.3-2