dear security team, On Mon, Feb 11, 2013 at 1:24 PM, Satoru KURASHIKI <lur...@gmail.com> wrote: > I've contacted Youhei SASAKI (maintainer of ruby-rack, successor of > librack-ruby), > and acknowledged about preparing NMU for this bug. > > Please audit this patch, after that I will prepare NMU for squeeze. > (and after that t-p-u, unstable, ...)
I've created a NMU debdiff for stable, which includes these fixes: #698440 (CVE-2013-0184) #700226 (CVE-2013-0263) These are already applied in unstable/testing. Please consider to update stable version of librack-ruby with attached debdiff to close those CVE issues. regards, -- KURASHIKI Satoru
librack-ruby_s-p-u.debdiff
Description: Binary data