Package: release.debian.org Severity: normal Tags: stretch User: release.debian....@packages.debian.org Usertags: pu
Dear stable release manager, I hereby propose an update for stretch of mruby. It contains a patch fixing CVE-2017-9527 [1]. The security issue was marked as being no-DSA [2]. The changelog entry is: mruby (1.2.0+20161228+git30d5424a-1+deb9u1) stretch; urgency=high * Backport patches from 1.3.0. (Closes: #865778) - CVE-2017-9527: heap-based use-after-free -- Nobuhiro Iwamatsu <iwama...@debian.org> Tue, 14 Nov 2017 12:40:35 +0900 Please see the attached debdiff for details. Best regards, Nobuhiro [1] https://bugs.debian.org/865778 [2] https://security-tracker.debian.org/tracker/CVE-2017-9527 -- Nobuhiro Iwamatsu iwamatsu at {nigauri.org / debian.org} GPG ID: 40AD1FA6
mruby_1.2.0+20161228+git30d5424a-1+deb9u1.debdiff
Description: Binary data