[DRE-commits] [SCM] ruby-rack.git branch, master, updated. debian/1.4.1-2-2-g625c08d

Youhei SASAKI uwabami at gfd-dennou.org
Sat Jan 19 20:43:03 UTC 2013


The following commit has been merged in the master branch:
commit 625c08dad569e778749ac06697b8adada9268463
Author: Youhei SASAKI <uwabami at gfd-dennou.org>
Date:   Sun Jan 20 05:40:31 2013 +0900

    Fix CVE address
    
    Signed-off-by: Youhei SASAKI <uwabami at gfd-dennou.org>

diff --git a/debian/patches/0001-Fix-parsing-performance-for-unquoted-filenames.patch b/debian/patches/0001-Fix-parsing-performance-for-unquoted-filenames.patch
index 4b52465..3bebe87 100644
--- a/debian/patches/0001-Fix-parsing-performance-for-unquoted-filenames.patch
+++ b/debian/patches/0001-Fix-parsing-performance-for-unquoted-filenames.patch
@@ -5,7 +5,7 @@ Subject: Fix parsing performance for unquoted filenames
 Special thanks to Paul Rogers & Eric Wong
 
 Origin: upstream, https://github.com/rack/rack/commit/4fc44671b3cad569421f4f8b775c0590b86f575e
-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=895277
+Bug: https://security-tracker.debian.org/tracker/CVE-2012-6109
 Bug-Debian: http://bugs.debian.org/698440
 
 ---
diff --git a/debian/patches/0002-multipart-parser-avoid-unbounded-gets-method.patch b/debian/patches/0002-multipart-parser-avoid-unbounded-gets-method.patch
index fb5b70f..324d342 100644
--- a/debian/patches/0002-multipart-parser-avoid-unbounded-gets-method.patch
+++ b/debian/patches/0002-multipart-parser-avoid-unbounded-gets-method.patch
@@ -6,7 +6,7 @@ Malicious clients may send excessively long lines
 to trigger out-of-memory errors in a Rack web server.
 
 Origin: upstream, https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18
-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=895282
+Bug: https://security-tracker.debian.org/tracker/CVE-2013-0183
 Bug-Debian: http://bugs.debian.org/698440
 
 ---
diff --git a/debian/patches/0003-Reimplement-auth-scheme-fix.patch b/debian/patches/0003-Reimplement-auth-scheme-fix.patch
index f5c50a2..472cbf5 100644
--- a/debian/patches/0003-Reimplement-auth-scheme-fix.patch
+++ b/debian/patches/0003-Reimplement-auth-scheme-fix.patch
@@ -16,7 +16,7 @@ Subject: Reimplement auth scheme fix
  * Probably missed a bunch, but that'll have to do
 
 Origin: upstream, https://github.com/rack/rack/commit/87df8796a6e4555ec8fd3817c419c6b44b7ca459
-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=895384
+Bug: https://security-tracker.debian.org/tracker/CVE-2013-0184
 Bug-Debian: http://bugs.debian.org/698440
 
 ---

-- 
ruby-rack.git



More information about the Pkg-ruby-extras-commits mailing list