Hi Salvatore et al., > Source: ruby-i18n […] > CVE-2014-10077[0]: > | Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 > | for Ruby allows remote attackers to cause a denial of service > | (application crash) via a call in a situation where :some_key is > | present in keep_keys but not present in the hash.
Security team, I would be more than happy to prepare and upload a stable security upload of this package when addressing it in jessie LTS. Please let me know and I will come back with a debdiff. Ruby team, I could easily upload to sid at the same time. Let me know too. (I believe I have the requisite powers in Salsa already.) Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-