ruby-sidekiq - Debian Package Tracker

general

source: ruby-sidekiq (main)
version: 6.4.1+dfsg-1
maintainer: Debian Ruby Team (archive) (DMD)
uploaders: Pirate Praveen [DMD]
arch: all
std-ver: 4.6.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 4.2.3+dfsg-1
o-o-sec: 4.2.3+dfsg-1+deb9u1
o-o-bpo: 5.2.2+dfsg-2~bpo9+1
oldstable: 5.2.3+dfsg-1
old-bpo: 5.2.7+dfsg-1~bpo10+1
stable: 6.0.4+dfsg-2
testing: 6.4.1+dfsg-1
unstable: 6.4.1+dfsg-1

versioned links

4.2.3+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.2.3+dfsg-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.2.2+dfsg-2~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.2.3+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.2.7+dfsg-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.0.4+dfsg-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.4.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ruby-sidekiq (1 bugs: 0, 1, 0, 0)

action needed

A new upstream version is available: 7.0.1 high

A new upstream version 7.0.1 is available, you should consider packaging it.

Created: 2022-04-23 Last update: 2022-11-29 10:03

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2021-30151: Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.
CVE-2022-23837: In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.

Created: 2022-07-04 Last update: 2022-08-01 13:40

2 security issues in buster high

There are 2 open security issues in buster.

1 important issue:

CVE-2022-23837: In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.

1 issue postponed or untriaged:

CVE-2021-30151: (needs triaging) Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.

Created: 2022-07-04 Last update: 2022-08-01 13:40

2 security issues in bullseye high

There are 2 open security issues in bullseye.

1 important issue:

CVE-2022-23837: In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.

1 issue left for the package maintainer to handle:

CVE-2021-30151: (needs triaging) Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-07-04 Last update: 2022-08-01 13:40

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2021-30151: Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.
CVE-2022-23837: In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.

Created: 2022-07-04 Last update: 2022-08-01 13:40

lintian reports 4 warnings high

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2022-07-30 12:16

1 new commit since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 3e1a52fe6f6b9bbd355fb2c58da890600dce73a6
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Thu Nov 10 00:59:36 2022 +0000

    Remove constraints unnecessary since buster (oldstable)
    
    * Build-Depends: Drop versioned constraint on ruby-rack-protection.
    
    Changes-By: deb-scrub-obsolete

Created: 2022-11-10 Last update: 2022-11-25 13:07

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0).

Created: 2022-05-11 Last update: 2022-05-11 23:24

news

[rss feed]

[2022-04-06] ruby-sidekiq 6.4.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-04-03] Accepted ruby-sidekiq 6.4.1+dfsg-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2022-03-10] Accepted ruby-sidekiq 4.2.3+dfsg-1+deb9u1 (source) into oldoldstable (Utkarsh Gupta)
[2021-12-10] ruby-sidekiq 6.3.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-11-18] Accepted ruby-sidekiq 6.3.1+dfsg-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2021-06-17] Accepted ruby-sidekiq 6.2.1+dfsg-1 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-09-07] ruby-sidekiq 6.0.4+dfsg-2 MIGRATED to testing (Debian testing watch)
[2020-08-02] Accepted ruby-sidekiq 6.0.4+dfsg-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-02-07] Accepted ruby-sidekiq 6.0.4+dfsg-1 (source) into experimental (Sruthi Chandran)
[2019-08-12] Accepted ruby-sidekiq 5.2.7+dfsg-1~bpo10+1 (source all) into buster-backports, buster-backports (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2019-08-05] ruby-sidekiq 5.2.7+dfsg-1 MIGRATED to testing (Debian testing watch)
[2019-08-03] Accepted ruby-sidekiq 5.2.7+dfsg-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2019-01-30] Accepted ruby-sidekiq 5.2.2+dfsg-2~bpo9+1 (source all) into stretch-backports (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2018-12-16] ruby-sidekiq 5.2.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-12-13] Accepted ruby-sidekiq 5.2.3+dfsg-1 (source) into unstable (Manas Kashyap) (signed by: Praveen Arimbrathodiyil)
[2018-10-15] ruby-sidekiq 5.2.2+dfsg-2 MIGRATED to testing (Debian testing watch)
[2018-10-13] Accepted ruby-sidekiq 5.2.2+dfsg-2 (source all) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2018-10-13] ruby-sidekiq 5.0.4+dfsg-2 MIGRATED to testing (Debian testing watch)
[2018-10-12] Accepted ruby-sidekiq 5.2.2+dfsg-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2018-10-11] ruby-sidekiq REMOVED from testing (Debian testing watch)
[2018-06-17] Accepted ruby-sidekiq 5.0.4+dfsg-2~bpo9+1 (source all) into stretch-backports, stretch-backports (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2018-02-27] ruby-sidekiq 5.0.4+dfsg-2 MIGRATED to testing (Debian testing watch)
[2018-02-22] Accepted ruby-sidekiq 5.0.4+dfsg-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2017-07-26] Accepted ruby-sidekiq 5.0.4+dfsg-1 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2017-06-20] ruby-sidekiq 4.2.3+dfsg-2 MIGRATED to testing (Debian testing watch)
[2017-01-29] Accepted ruby-sidekiq 4.2.3+dfsg-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2016-11-07] ruby-sidekiq 4.2.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-11-01] Accepted ruby-sidekiq 4.2.3+dfsg-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2016-09-15] ruby-sidekiq 4.1.4+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-09-09] Accepted ruby-sidekiq 4.1.4+dfsg-1 (source) into unstable (Sruthi Chandran) (signed by: Praveen Arimbrathodiyil)

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 4)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 6.4.1+dfsg-1