reassign 629067 libactionpack-ruby found 629067 rails/2.3.5-1.2+squeeze0.1 severity 629067 grave thanks
On Fri, Jun 03, 2011 at 12:26:27PM +0200, Vincent-Xavier JUMEL wrote: > Package: libactionpack-ruby > Version: 2.3.5-1.2+squeeze0.1 > Severity: normal > > libactionpack update breaks redmine user view if hide_mail is not enabled. > Redmine renderer fails on an inexistant html_safe method > > Workaround : change user preference to hidden mail > psql> update user_preference set hide_mail = 't' where hide_mail = 'f' ; This was reassigned to ruby-actionpack-2.3 (present only in wheezy+) but it's not really obvious why — no explanative mail was sent to the BTS and the bug report remains unanswered. If it affects another package in wheezy, then it should probably be cloned/reassigned instead. I'm reassigning it back and changing this severity: this was a security update that broke an unrelated package (redmine) *in stable*. This is /not/ acceptable according to the security team's guidelines. You could say that either the fix should be adapted or that the call sites (redmine) should be fixed. I'd vote for the first, though, since we can't really know what else has been broken by this change (in the archive, let alone user-installed applications...) In any case, I'm adding redmine maintainers & the security team to the Cc in case they have something useful to add. Regards, Faidon -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org