Ubuntu

“ruby1.9.1” 1.9.3.0-1ubuntu2.2 source package in The Precise Pangolin

Publishing history

1.9.3.0-1ubuntu2.2
SUPERSEDED: Precise pocket Updates in component main and section ruby
  • Removed from disk on 2012-10-12.
  • Removal requested on 2012-10-11.
  • Superseded on 2012-10-10 by ruby1.9.1 - 1.9.3.0-1ubuntu2.3
  • Published on 2012-09-26
  • Copied from ubuntu precise in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
1.9.3.0-1ubuntu2.2
SUPERSEDED: Precise pocket Security in component main and section ruby
  • Removed from disk on 2012-10-12.
  • Removal requested on 2012-10-11.
  • Superseded on 2012-10-10 by ruby1.9.1 - 1.9.3.0-1ubuntu2.3
  • Published on 2012-09-26
  • Copied from ubuntu precise in Private PPA for Ubuntu Security Team by Tyler Hicks

Builds

Changelog

ruby1.9.1 (1.9.3.0-1ubuntu2.2) precise-security; urgency=low

  * SECURITY UPDATE: Safe level bypass
    - debian/patches/CVE-2011-1005.patch: Remove incorrect string taint
      in exception handling methods. Based on upstream patch.
    - CVE-2011-1005
  * SECURITY UPDATE: Add proper handling of rubygems SSL connections
    - debian/patches/CVE-2012-2125-2126.patch: Perform certificate
      verification and disallow HTTP->HTTPS redirection. Based on upstream
      patch.
    - CVE-2012-2125
    - CVE-2012-2126
  * debian/control: Add ca-certificates to libruby1.9.1 depends so that
    rubygems can perform certificate verification
 -- Tyler Hicks <email address hidden>   Mon, 24 Sep 2012 09:31:38 -0700