ruby-twitter-stream - Debian Package Tracker

general

source: ruby-twitter-stream (main)
version: 0.1.16-3
maintainer: Debian Ruby Extras Maintainers (archive) (DMD)
uploaders: Pirate Praveen [DMD] – Jonas Genannt [DMD]
arch: all
std-ver: 3.9.8
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.1.16-3
oldstable: 0.1.16-3
stable: 0.1.16-3
testing: 0.1.16-3
unstable: 0.1.16-3

versioned links

0.1.16-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ruby-twitter-stream (1 bugs: 0, 1, 0, 0)

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

redirecting DEPRECATED pkg-ruby-extras.alioth.debian.org/cgi-bin/gemwatch to gemwatch.debian.net

Created: 2020-06-29 Last update: 2021-09-16 11:37

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 3.9.8).

Created: 2018-04-16 Last update: 2021-08-18 14:02

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2020-24392: In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).

Created: 2021-02-22 Last update: 2021-08-15 00:00

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2020-24392: In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).

Created: 2021-08-15 Last update: 2021-08-15 00:00

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.1.16-4, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 0180bf7f8833af21582e9f079b98c16ce5fe7dbf
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Wed Sep 1 19:23:53 2021 +0000

    Bump debhelper from old 12 to 13.
    
    Changes-By: lintian-brush
    Fixes: lintian: package-uses-old-debhelper-compat-version
    See-also: https://lintian.debian.org/tags/package-uses-old-debhelper-compat-version.html

commit 481311ebfd0d9fc774d7d2329899baf5e2f90138
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Sun Aug 29 15:11:46 2021 +0000

    Remove constraints unnecessary since buster
    
    * Build-Depends: Drop versioned constraint on ruby-eventmachine, ruby-http-parser.rb and ruby-simple-oauth.
    * ruby-twitter-stream: Drop versioned constraint on ruby-eventmachine, ruby-http-parser.rb and ruby-simple-oauth in Depends.
    
    Changes-By: deb-scrub-obsolete

commit 4c8f35dca44af1989181158d15f286d6890b00ab
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Sat Nov 21 02:20:59 2020 +0000

    Update watch file format version to 4.
    
    Changes-By: lintian-brush
    Fixes: lintian: older-debian-watch-file-standard
    See-also: https://lintian.debian.org/tags/older-debian-watch-file-standard.html

commit e52ee7c2481f1e6318aaa7fc7abc2f1d54adeb74
Author: Cédric Boutillier <boutil@debian.org>
Date:   Thu Sep 3 20:48:53 2020 +0000

    [ci skip] Add .gitattributes to keep unwanted files out of the source package

commit ff5e8336fe22e3d37b634d55bf99bae2fa582b65
Author: Cédric Boutillier <boutil@debian.org>
Date:   Tue Sep 1 14:18:19 2020 +0000

    [ci skip] Update team name

commit bfaa5b84131b142f18fb24a871006f3607923a02
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Aug 18 13:29:35 2020 +0000

    Set upstream metadata fields: Bug-Database, Bug-Submit.
    
    Changes-By: lintian-brush
    Fixes: lintian: upstream-metadata-file-is-missing
    See-also: https://lintian.debian.org/tags/upstream-metadata-file-is-missing.html
    Fixes: lintian: upstream-metadata-missing-bug-tracking
    See-also: https://lintian.debian.org/tags/upstream-metadata-missing-bug-tracking.html

commit e1a9e3a672b468e74dfc0326677d28962fbac04b
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Apr 24 09:56:35 2020 +0000

    Use canonical URL in Vcs-Git.
    
    Fixes: lintian: vcs-field-not-canonical
    See-also: https://lintian.debian.org/tags/vcs-field-not-canonical.html

commit 9f73e0649bda47cff93a968a5bfbc984907bae56
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Apr 24 09:56:02 2020 +0000

    Update Vcs-* headers from URL redirect.
    
    Fixes: lintian: vcs-obsolete-in-debian-infrastructure
    See-also: https://lintian.debian.org/tags/vcs-obsolete-in-debian-infrastructure.html

commit cabfdc9e0661523b6ab482b49937c5bdc8a29957
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Apr 24 09:55:28 2020 +0000

    Set debhelper-compat version in Build-Depends.
    
    Fixes: lintian: uses-debhelper-compat-file
    See-also: https://lintian.debian.org/tags/uses-debhelper-compat-file.html

commit 04c733de65da998aec7122348921c9c08040b0ff
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Apr 24 09:54:52 2020 +0000

    Bump debhelper from deprecated 9 to 12.
    
    Fixes: lintian: package-uses-deprecated-debhelper-compat-version
    See-also: https://lintian.debian.org/tags/package-uses-deprecated-debhelper-compat-version.html

commit f50dd5d33b08d329df60cc09363e83c684ff601d
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Apr 24 09:54:19 2020 +0000

    Use secure URI in Homepage field.
    
    Fixes: lintian: homepage-field-uses-insecure-uri
    See-also: https://lintian.debian.org/tags/homepage-field-uses-insecure-uri.html

commit 2349a71b2a72e91128c07f830c157ab292f5f031
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Apr 24 09:53:43 2020 +0000

    Use secure copyright file specification URI.
    
    Fixes: lintian: insecure-copyright-format-uri
    See-also: https://lintian.debian.org/tags/insecure-copyright-format-uri.html

commit 38c0651b0edcdb6866dfe49086631a7ef07a6cb1
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Apr 24 09:53:08 2020 +0000

    Trim trailing whitespace.
    
    Fixes: lintian: file-contains-trailing-whitespace
    See-also: https://lintian.debian.org/tags/file-contains-trailing-whitespace.html

commit bc899e9f342695a028ae0de8d168c3bda8ab9071
Author: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date:   Tue Aug 13 08:06:57 2019 +0530

    Update d/ch

commit 483b0e6c0eb2e2d9f5455dd1d9bd883c0e3c88b4
Author: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date:   Tue Aug 13 08:06:57 2019 +0530

    Add salsa-ci.yml

The Vcs URL is using anonscm.debian.org. Please update it for the move to salsa.debian.org.

Created: 2019-08-13 Last update: 2021-09-16 11:37

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2021-09-06 18:35

1 low-priority security issue in buster low

There is 1 open security issue in buster.

1 issue left for the package maintainer to handle:

CVE-2020-24392: (needs triaging) In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-02-22 Last update: 2021-08-15 00:00

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2020-24392: (needs triaging) In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-08-14 Last update: 2021-08-15 00:00

news

[rss feed]

[2016-07-26] ruby-twitter-stream 0.1.16-3 MIGRATED to testing (Debian testing watch)
[2016-07-21] Accepted ruby-twitter-stream 0.1.16-3 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2015-12-13] ruby-twitter-stream 0.1.16-2 MIGRATED to testing (Debian testing watch)
[2015-12-07] Accepted ruby-twitter-stream 0.1.16-2 (source all) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2015-11-04] ruby-twitter-stream REMOVED from testing (Britney)
[2014-03-14] ruby-twitter-stream 0.1.16-1 MIGRATED to testing (Debian testing watch)
[2014-03-03] Accepted ruby-twitter-stream 0.1.16-1 (source all) (Jonas Genannt) (signed by: Cédric Boutillier)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 4)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.1.16-3
1 bug