Debian Package Tracker - ruby-rack-protection

general

source: ruby-rack-protection (main)
version: 1.5.3-2.1
maintainer: Debian Ruby Extras Maintainers (archive) [DMD]
uploaders: Youhei SASAKI [DMD] [dm]
arch: all
std-ver: 3.9.6
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.2.0-1
o-o-bpo: 1.5.0-2~bpo70+1
oldstable: 1.5.2-1
stable: 1.5.3-2+deb9u1
stable-sec: 1.5.3-2+deb9u1
testing: 1.5.3-2.1
unstable: 1.5.3-2.1

versioned links

1.2.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.0-2~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.3-2+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.3-2.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ruby-rack-protection

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

redirecting DEPRECATED pkg-ruby-extras.alioth.debian.org/cgi-bin/gemwatch to gemwatch.debian.net

Created: 2018-05-06 Last update: 2018-12-11 12:08

A new upstream version is available: 2.0.4 high

A new upstream version 2.0.4 is available, you should consider packaging it.

Created: 2017-11-21 Last update: 2018-12-11 12:08

The VCS repository is not up to date, push the missing commits. high

vcswatch reports that the current version of the package is not in its VCS.
Either you need to push your commits, or the information about the package's VCS are out of date. A common cause of the latter issue when using the Git VCS is not specifying the correct branch when the packaging is not in the default one (remote HEAD branch), which is usually "master" but can be modified in salsa.debian.org in the project's general settings with the "Default Branch" field). Alternatively the Vcs-Git field in debian/control can contain a "-b <branch-name>" suffix to indicate what branch is used for the Debian packaging.

The Vcs URL git://anonscm.debian.org/pkg-ruby-extras/ruby-rack-protection.git is deprecated/defunct, https://anonscm.debian.org/git/pkg-ruby-extras/ruby-rack-protection.git was tried instead. Please update the Vcs field in debian/control.

Created: 2017-12-03 Last update: 2018-12-11 05:40

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 3.9.6).

Created: 2018-04-16 Last update: 2018-08-26 08:17

lintian reports 5 warnings normal

Lintian reports 5 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2016-09-15 Last update: 2018-07-23 01:40

The URL(s) for this package had some recent persistent issues low

DUCK reports some issues concerning upstream URLs defined for this package.

Created: 2018-09-07 Last update: 2018-12-11 09:50

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2018-1000119: Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.

Please fix it.

Created: 2018-03-07 Last update: 2018-11-10 16:29

news

[rss feed]

[2018-07-27] ruby-rack-protection 1.5.3-2.1 MIGRATED to testing (Debian testing watch)
[2018-07-22] Accepted ruby-rack-protection 1.5.3-2.1 (source) into unstable (Salvatore Bonaccorso)
[2018-07-19] Accepted ruby-rack-protection 1.5.3-2+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
[2018-07-16] Accepted ruby-rack-protection 1.5.3-2+deb9u1 (source all) into stable->embargoed, stable (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
[2015-09-08] ruby-rack-protection 1.5.3-2 MIGRATED to testing (Britney)
[2015-09-02] Accepted ruby-rack-protection 1.5.3-2 (source all) into unstable (Balasankar C) (signed by: Praveen Arimbrathodiyil)
[2015-08-29] Accepted ruby-rack-protection 1.5.3-1 (source all) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2014-03-29] ruby-rack-protection 1.5.2-1 MIGRATED to testing (Debian testing watch)
[2014-03-23] Accepted ruby-rack-protection 1.5.2-1 (source all) (Youhei SASAKI)
[2013-11-10] ruby-rack-protection 1.5.1-1 MIGRATED to testing (Debian testing watch)
[2013-10-30] Accepted ruby-rack-protection 1.5.1-1 (source all) (Youhei SASAKI)
[2013-07-04] ruby-rack-protection 1.5.0-2 MIGRATED to testing (Debian testing watch)
[2013-06-23] Accepted ruby-rack-protection 1.5.0-2 (source all) (Jérémy Bobbio)
[2013-03-31] Accepted ruby-rack-protection 1.5.0-1 (source all) (Youhei SASAKI)
[2013-01-07] Accepted ruby-rack-protection 1.3.2-1 (source all) (Youhei SASAKI)
[2012-07-08] ruby-rack-protection 1.2.0-1 MIGRATED to testing (Debian testing watch)
[2012-06-28] Accepted ruby-rack-protection 1.2.0-1 (source all) (Youhei SASAKI) (signed by: Paul van Tilburg)

bugs [bug history graph]

all: 0

links

homepage
buildd: logs, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.5.3-2.1