ruby2.5 2.5.5-1ubuntu1 source package in Ubuntu
Changelog
ruby2.5 (2.5.5-1ubuntu1) disco; urgency=low
* Merge from Debian unstable. Remaining changes:
- d/p/rubygems-2388.patch: Allow either Fetcher or OpenSSL exceptions
when using invalid cert in rubygems testcase.
- update the patch with the merged upstream PR: 2507
- various backports for better openssl support (formerly undocumented in
changelog)
+ d/p/0001-openssl-buffering.rb-no-RS-when-output.patch
+ d/p/0006-Workaround-for-old-LibreSSL.patch
* Dropped changes: d/p/1dfc377ae3b174b043d3f0ed36de57b0296b34d0.patch
- upstream
ruby2.5 (2.5.5-1) unstable; urgency=medium
* New upstream version 2.5.5. Includes a series of bug fixes, most notably
for 6 security bugs discovered in Rubygems:
- CVE-2019-8320: Delete directory using symlink when decompressing tar
- CVE-2019-8321: Escape sequence injection vulnerability in verbose
- CVE-2019-8322: Escape sequence injection vulnerability in gem owner
- CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
- CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
- CVE-2019-8325: Escape sequence injection vulnerability in errors
* Rebase patches. The following patches were applied upstream and dropped
from the Debian package:
- 0011-Update-for-tzdata-2018f.patch
- 0012-test-update-test-certificate.patch
-- Gianfranco Costamagna <email address hidden> Thu, 28 Mar 2019 10:47:03 +0100
Upload details
- Uploaded by:
- Gianfranco Costamagna
- Uploaded to:
- Disco
- Original maintainer:
- Debian Ruby Extras Maintainers
- Architectures:
- any all
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| ruby2.5_2.5.5.orig.tar.xz | 9.7 MiB | a49a222bbeeeb0191ae043a509cd05137869f971a33fef74d3c0aaae95170877 |
| ruby2.5_2.5.5-1ubuntu1.debian.tar.xz | 115.8 KiB | c491b54828f5a097a886b7b1996039761ae3c1ae9730d305ea2117eaf79bb9db |
| ruby2.5_2.5.5-1ubuntu1.dsc | 2.4 KiB | 9cf3ac18f4ac7ce715f5b951da78d6ca5a3e9bf53ce17471ec5b074813e79ad6 |
Available diffs
- diff from 2.5.3-4ubuntu1 to 2.5.5-1ubuntu1 (75.7 KiB)
Binary packages built by this source
- libruby2.5: No summary available for libruby2.5 in ubuntu disco.
No description available for libruby2.5 in ubuntu disco.
- libruby2.5-dbgsym: No summary available for libruby2.5-dbgsym in ubuntu eoan.
No description available for libruby2.5-dbgsym in ubuntu eoan.
- ruby2.5: No summary available for ruby2.5 in ubuntu eoan.
No description available for ruby2.5 in ubuntu eoan.
- ruby2.5-dbgsym: No summary available for ruby2.5-dbgsym in ubuntu disco.
No description available for ruby2.5-dbgsym in ubuntu disco.
- ruby2.5-dev: No summary available for ruby2.5-dev in ubuntu eoan.
No description available for ruby2.5-dev in ubuntu eoan.
- ruby2.5-doc: No summary available for ruby2.5-doc in ubuntu disco.
No description available for ruby2.5-doc in ubuntu disco.
