Register | Log in

ruby2.5

Choose email to subscribe with

general

source: ruby2.5 (updates)
version: 2.5.5-3+deb10u1
maintainer: Debian Ruby Team (archive) (DMD)
uploaders: Antonio Terceiro [DMD] – Chris Hofstaedtler [DMD]
arch: all any
std-ver: 4.1.5
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

stable: 2.5.5-3+deb10u1
stable-sec: 2.5.5-3+deb10u1

versioned links

2.5.5-3+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libruby2.5
ruby2.5
ruby2.5-dev
ruby2.5-doc

package is gone

This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.

action needed

Debci reports failed tests high

unstable: fail (log)
The tests ran in 0:06:55
Last run: 2020-04-24 09:06:27 UTC
Previous status: fail

testing: pass (log)
The tests ran in 0:07:02
Last run: 2020-05-01 03:39:44 UTC
Previous status: fail

stable: pass (log)
The tests ran in 0:06:49
Last run: 2019-08-22 06:21:55 UTC
Previous status: fail

Created: 2020-03-27 Last update: 2020-06-02 15:14

2 security issues in buster high

There are 2 open security issues in buster.

1 important issue:

CVE-2020-10933: An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.

1 issue skipped by the security teams:

CVE-2020-10663: The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.

Please fix them.

Created: 2020-04-25 Last update: 2020-05-08 00:00

news

[2020-05-04] ruby2.5 REMOVED from testing (Debian testing watch)
[2020-05-02] Removed 2.5.7-1 from unstable (Debian FTP Masters)
[2019-12-21] Accepted ruby2.5 2.5.5-3+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2019-12-17] Accepted ruby2.5 2.5.5-3+deb10u1 (source) into stable->embargoed, stable (Salvatore Bonaccorso)
[2019-10-26] ruby2.5 2.5.7-1 MIGRATED to testing (Debian testing watch)
[2019-10-23] Accepted ruby2.5 2.5.7-1 (source) into unstable (Antonio Terceiro)
[2019-08-01] ruby2.5 2.5.5-4 MIGRATED to testing (Debian testing watch)
[2019-07-30] Accepted ruby2.5 2.5.5-4 (source) into unstable (Antonio Terceiro)
[2019-06-05] ruby2.5 2.5.5-3 MIGRATED to testing (Debian testing watch)
[2019-06-02] Accepted ruby2.5 2.5.5-3 (source) into unstable (Antonio Terceiro)
[2019-05-16] ruby2.5 2.5.5-2 MIGRATED to testing (Debian testing watch)
[2019-05-13] Accepted ruby2.5 2.5.5-2 (source) into unstable (Antonio Terceiro)
[2019-04-01] ruby2.5 2.5.5-1 MIGRATED to testing (Debian testing watch)
[2019-03-26] Accepted ruby2.5 2.5.5-1 (source) into unstable (Antonio Terceiro)
[2019-03-06] ruby2.5 2.5.3-4 MIGRATED to testing (Debian testing watch)
[2019-02-23] Accepted ruby2.5 2.5.3-4 (source) into unstable (Antonio Terceiro)
[2018-11-29] ruby2.5 2.5.3-3 MIGRATED to testing (Debian testing watch)
[2018-11-27] Accepted ruby2.5 2.5.3-3 (source) into unstable (Antonio Terceiro)
[2018-11-25] Accepted ruby2.5 2.5.3-2 (source) into unstable (Antonio Terceiro)
[2018-11-24] Accepted ruby2.5 2.5.3-1 (source) into unstable (Antonio Terceiro)
[2018-10-07] Accepted ruby2.5 2.5.1-6 (source) into unstable (Antonio Terceiro)
[2018-07-29] ruby2.5 2.5.1-5 MIGRATED to testing (Debian testing watch)
[2018-07-24] Accepted ruby2.5 2.5.1-5 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2018-07-22] Accepted ruby2.5 2.5.1-4 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2018-06-16] ruby2.5 2.5.1-3 MIGRATED to testing (Debian testing watch)
[2018-06-11] Accepted ruby2.5 2.5.1-3 (source) into unstable (Antonio Terceiro)
[2018-06-09] Accepted ruby2.5 2.5.1-2 (source) into unstable (Antonio Terceiro)
[2018-04-06] ruby2.5 2.5.1-1 MIGRATED to testing (Debian testing watch)
[2018-03-31] Accepted ruby2.5 2.5.1-1 (source) into unstable (Antonio Terceiro)
[2018-03-10] ruby2.5 2.5.0-6 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 0

links

homepage
buildd: logs, clang, cross
popcon
browse source code
edit tags
security tracker
screenshots
debci

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing