This bug was fixed in the package ruby-activesupport-2.3 - 2.3.14-4ubuntu0.2
--------------- ruby-activesupport-2.3 (2.3.14-4ubuntu0.2) quantal-security; urgency=low
* SECURITY UPDATE: Add an OkJson backend and remove the YAML backend to resolve improper conversion of JSON to YAML (LP: #1119256) - debian/patches/CVE-2013-0333.patch: added patch from Debian 2.3.14-6 - CVE-2013-0333 -- Jamie Strandboge <email address hidden> Wed, 13 Feb 2013 10:41:04 -0600
This bug was fixed in the package ruby-activesupp ort-2.3 - 2.3.14-4ubuntu0.2
--------------- ort-2.3 (2.3.14-4ubuntu0.2) quantal-security; urgency=low
ruby-activesupp
* SECURITY UPDATE: Add an OkJson backend and remove the YAML backend to patches/ CVE-2013- 0333.patch: added patch from Debian 2.3.14-6
resolve improper conversion of JSON to YAML (LP: #1119256)
- debian/
- CVE-2013-0333
-- Jamie Strandboge <email address hidden> Wed, 13 Feb 2013 10:41:04 -0600