1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES.DEVE

  • Accepted ruby3.3 3.3.8-1 (source) into unstable

    From Debian FTP Masters@21:1/5 to All on Thu Apr 10 23:40:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Thu, 10 Apr 2025 15:59:06 -0300
    Source: ruby3.3
    Architecture: source
    Version: 3.3.8-1
    Distribution: unstable
    Urgency: medium
    Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
    Changed-By: Lucas Kanashiro <kanashiro@debian.org>
    Closes: 1099067
    Changes:
    ruby3.3 (3.3.8-1) unstable; urgency=medium
    .
    * New upstream release.
    - Fix CVE-2025-25186 in net-imap.
    - Fix CVE-2025-27221 in URI.
    + d/p/CVE-2025-27221_*.patch: kept to fix the same issue in URI
    vendorized version in lib/{rubygems,bundler}.
    - Fix CVE-2025-27219 and CVE-2025-27220 in CGI.
    + d/p/CVE-2025-272{19,20}.patch: removed.
    * d/control: make libruby3.3 depend on versioned ruby-{csv,ruby2-keywords}.
    Those 2 gems used to have the same version in libruby3.1 and in their
    own source packages, and when a user tried to upgrade from bookworm to
    trixie the libruby3.1 was kept because it would satisfy the depedencies
    without installing a new package.
    Adding them with a version constraint to avoid keeping libruby3.1 around
    after the upgrade to ruby3.3. (Closes: #1099067)
    Checksums-Sha1:
    5e94045f2f09fe1c42b49eef24187e01c5918c8e 2592 ruby3.3_3.3.8-1.dsc
    4a0bba7c1d1e718391014b226d308cc1336eba5e 14507672 ruby3.3_3.3.8.orig.tar.xz
    e0c9b358a920c64d23c6e1f1dac80baa1bdaa3ad 64516 ruby3.3_3.3.8-1.debian.tar.xz Checksums-Sha256:
    4fd9d7f628eb82afe2252494548522dba30ec717d3c3caab54f1ef4b280d8a42 2592 ruby3.3_3.3.8-1.dsc
    e2e1233ad275b7623a05edf23a01192626d1da454bdfe353a28a87acd8ef015c 14507672 ruby3.3_3.3.8.orig.tar.xz
    1feb62bdb13da504c93835803e4c1b5b432169892da499a815f10eeb061a495c 64516 ruby3.3_3.3.8-1.debian.tar.xz
    Files:
    ee787da402d85fde62f640f9bf614e94 2592 ruby optional ruby3.3_3.3.8-1.dsc
    313ddd79a513aeeebfcc4bf10b55c861 14507672 ruby optional ruby3.3_3.3.8.orig.tar.xz
    006097ef6c83ab5e29caf0bfd0497d6d 64516 ruby optional ruby3.3_3.3.8-1.debian.tar.xz

    -----BEGIN PGP SIGNATURE-----

    iQJJBAEBCAAzFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAmf4MNsVHGthbmFzaGly b0BkZWJpYW4ub3JnAAoJEPgjonKYg8l87BUQAIq3YCQD5XWjPxhOGxxuuvw8l3yC lrEhZXeUd8PgAn1Kqx0SQV2iF8ktFkF3/FuLf2PWBVqGmpokaFa/on1EXt7D0iCU USAp/01YWLU4FDTReYvWkM868ZOdXwqqlHLceeU8JT7vUv6dCPvDmiiD2bB5vc9+ Ur8ELRIcl1dQCGMehWtaGtv6cJpl2ndES4Suk90Dzxq/z3L6F8ycGlJ2zAVgqhrz 0vbwQgKnUh9a32XpPvQno1H2Yh+aH+4KKpXt3ONcZC+WsDgkbcSDXEIzwAldtsQn Wkzz2tZC5xayCPk6RFUuhr8ie+q4fRuBtSNGX1E9uAz4C5uC+mmRkffLp43aWSeN 0xB5cy1C0Z6Qi2DhGHUu9HEn+CgNd8dOd4R36oonnJejttIjtyTAVPzewLjSRdfO qKEv5wpJCioCjxrGLslAYe+Jpk2zogUJE380eNnfaMC/KZyRpEZOwg0LP2dt7+XA vNezUbZwjTMoEiTsw5dKa6iu77RxwOzf2iyRDunVGDB8qe8zjdvm7gy5nPKVAlZS hOkbxGzqYKtMeRYBJoXUYUOtpgE7U7LdXiyV4IH+0FAcHBcUnOso7MkB1l0Kp/2c Jde0nEQyb6syMPQNKPXKoMFsoHfZ97mImElPZGcxgITZpVYZLl9LfNRgzws+2/58 OncVxTn6nCaT3LJO
    =sFE9
    -----END PGP SIGNATURE-----


    --==============&64911657554029971=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZ/g4gAAKCRCb9qggYcy5 IQk6AQD7XQqoqGoznupai0vJTa/Ncbd9z80PbC9ZpotXLuqYQAD/THUikWd+kytK 4C4W4L7vzX+4rbbD1piXJsSjkvpeSwoûLa
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)