Debian Bug report logs - #513528
ruby1.9: Not properly checking the return value of OCSP_basic_verify

version graph

Package: ruby1.9; Maintainer for ruby1.9 is (unknown);

Reported by: Kurt Roeckx <kurt@roeckx.be>

Date: Thu, 29 Jan 2009 21:42:02 UTC

Severity: serious

Tags: fixed-upstream, security

Found in versions ruby1.9/1.9.0.2-9, ruby1.9/1.9.1.0-1

Fixed in versions ruby1.9/1.9.0.2-9.1, ruby1.8/1.8.7.72-3lenny1, ruby1.9.1/1.9.1.243-1, ruby1.9/1.9.0.5-1, ruby1.9/1.9.0.2-9lenny1

Done: akira yamada <akira@debian.org>

Bug is archived. No further changes may be made.

Forwarded to http://redmine.ruby-lang.org/issues/show/1091

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, akira yamada <akira@debian.org>:
Bug#513528; Package ruby1.9. (Thu, 29 Jan 2009 21:42:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kurt Roeckx <kurt@roeckx.be>:
New Bug report received and forwarded. Copy sent to akira yamada <akira@debian.org>. (Thu, 29 Jan 2009 21:42:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Kurt Roeckx <kurt@roeckx.be>
To: submit@bugs.debian.org
Subject: ruby1.9: Not properly checking the return value of OCSP_basic_verify
Date: Thu, 29 Jan 2009 22:39:08 +0100
Package: ruby1.9
Severity: serious
Tags: security

Hi,

I was looking at return codes for applications making use of
openssl functions and found this in ext/openssl/ossl_ocsp.c:

    result = OCSP_basic_verify(bs, x509s, x509st, flg);
    sk_X509_pop_free(x509s, X509_free);
    if(!result) rb_warn("%s", ERR_error_string(ERR_peek_error(), NULL));

    return result ? Qtrue : Qfalse;

OCSP_basic_verify() can return both 0 and -1 in error cases,
so this function can incorrectly return information to the
caller.

I have no idea if what this code is used for and what the consequences
of this might be.


Kurt





Noted your statement that Bug has been forwarded to http://redmine.ruby-lang.org/issues/show/1091. Request was from Lucas Nussbaum <lucas@lucas-nussbaum.net> to control@bugs.debian.org. (Mon, 02 Feb 2009 18:06:06 GMT) Full text and rfc822 format available.

Tags added: fixed-upstream Request was from kurt@roeckx.be (Kurt Roeckx) to control@bugs.debian.org. (Mon, 23 Feb 2009 23:24:02 GMT) Full text and rfc822 format available.

Bug 513528 cloned as bug 517639. Request was from Daigo Moriwaki <daigo@debian.org> to control@bugs.debian.org. (Sun, 01 Mar 2009 04:51:02 GMT) Full text and rfc822 format available.

Bug marked as found in version 1.9.0.2-9. Request was from Daigo Moriwaki <daigo@debian.org> to control@bugs.debian.org. (Sun, 01 Mar 2009 04:51:05 GMT) Full text and rfc822 format available.

Bug marked as found in version 1.9.1.0-1. Request was from Daigo Moriwaki <daigo@debian.org> to control@bugs.debian.org. (Sun, 01 Mar 2009 04:51:05 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, akira yamada <akira@debian.org>:
Bug#513528; Package ruby1.9. (Mon, 06 Apr 2009 17:06:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to akira yamada <akira@debian.org>. (Mon, 06 Apr 2009 17:06:04 GMT) Full text and rfc822 format available.

Message #20 received at 513528@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 513528@bugs.debian.org
Subject: intent to NMU
Date: Mon, 6 Apr 2009 19:02:51 +0200
[Message part 1 (text/plain, inline)]
Hi,
I intent to NMU this bug, quite some time passed since this 
was initally reported.

Attached is a debdiff.

Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[ruby1.9-1.9.0.2-9_1.9.0.2-9.1.patch (text/x-diff, attachment)]
[Message part 3 (application/pgp-signature, inline)]

Reply sent to Nico Golde <nion@debian.org>:
You have taken responsibility. (Tue, 07 Apr 2009 15:39:03 GMT) Full text and rfc822 format available.

Notification sent to Kurt Roeckx <kurt@roeckx.be>:
Bug acknowledged by developer. (Tue, 07 Apr 2009 15:39:03 GMT) Full text and rfc822 format available.

Message #25 received at 513528-close@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 513528-close@bugs.debian.org
Subject: Bug#513528: fixed in ruby1.9 1.9.0.2-9.1
Date: Tue, 07 Apr 2009 15:34:30 +0000
Source: ruby1.9
Source-Version: 1.9.0.2-9.1

We believe that the bug you reported is fixed in the latest version of
ruby1.9, which is due to be installed in the Debian FTP archive:

irb1.9_1.9.0.2-9.1_all.deb
  to pool/main/r/ruby1.9/irb1.9_1.9.0.2-9.1_all.deb
libdbm-ruby1.9_1.9.0.2-9.1_amd64.deb
  to pool/main/r/ruby1.9/libdbm-ruby1.9_1.9.0.2-9.1_amd64.deb
libgdbm-ruby1.9_1.9.0.2-9.1_amd64.deb
  to pool/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0.2-9.1_amd64.deb
libopenssl-ruby1.9_1.9.0.2-9.1_amd64.deb
  to pool/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0.2-9.1_amd64.deb
libreadline-ruby1.9_1.9.0.2-9.1_amd64.deb
  to pool/main/r/ruby1.9/libreadline-ruby1.9_1.9.0.2-9.1_amd64.deb
libruby1.9-dbg_1.9.0.2-9.1_amd64.deb
  to pool/main/r/ruby1.9/libruby1.9-dbg_1.9.0.2-9.1_amd64.deb
libruby1.9_1.9.0.2-9.1_amd64.deb
  to pool/main/r/ruby1.9/libruby1.9_1.9.0.2-9.1_amd64.deb
libtcltk-ruby1.9_1.9.0.2-9.1_amd64.deb
  to pool/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0.2-9.1_amd64.deb
rdoc1.9_1.9.0.2-9.1_all.deb
  to pool/main/r/ruby1.9/rdoc1.9_1.9.0.2-9.1_all.deb
ri1.9_1.9.0.2-9.1_all.deb
  to pool/main/r/ruby1.9/ri1.9_1.9.0.2-9.1_all.deb
ruby1.9-dev_1.9.0.2-9.1_amd64.deb
  to pool/main/r/ruby1.9/ruby1.9-dev_1.9.0.2-9.1_amd64.deb
ruby1.9-elisp_1.9.0.2-9.1_all.deb
  to pool/main/r/ruby1.9/ruby1.9-elisp_1.9.0.2-9.1_all.deb
ruby1.9-examples_1.9.0.2-9.1_all.deb
  to pool/main/r/ruby1.9/ruby1.9-examples_1.9.0.2-9.1_all.deb
ruby1.9_1.9.0.2-9.1.diff.gz
  to pool/main/r/ruby1.9/ruby1.9_1.9.0.2-9.1.diff.gz
ruby1.9_1.9.0.2-9.1.dsc
  to pool/main/r/ruby1.9/ruby1.9_1.9.0.2-9.1.dsc
ruby1.9_1.9.0.2-9.1_amd64.deb
  to pool/main/r/ruby1.9/ruby1.9_1.9.0.2-9.1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 513528@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated ruby1.9 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 06 Apr 2009 18:43:32 +0200
Source: ruby1.9
Binary: ruby1.9 libruby1.9 libruby1.9-dbg ruby1.9-dev libdbm-ruby1.9 libgdbm-ruby1.9 libreadline-ruby1.9 libtcltk-ruby1.9 libopenssl-ruby1.9 ruby1.9-examples ruby1.9-elisp ri1.9 rdoc1.9 irb1.9
Architecture: source all amd64
Version: 1.9.0.2-9.1
Distribution: unstable
Urgency: high
Maintainer: akira yamada <akira@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 irb1.9     - Interactive Ruby (for Ruby 1.9)
 libdbm-ruby1.9 - DBM interface for Ruby 1.9
 libgdbm-ruby1.9 - GDBM interface for Ruby 1.9
 libopenssl-ruby1.9 - OpenSSL interface for Ruby 1.9
 libreadline-ruby1.9 - Readline interface for Ruby 1.9
 libruby1.9 - Libraries necessary to run Ruby 1.9
 libruby1.9-dbg - Debugging symbols for Ruby 1.9
 libtcltk-ruby1.9 - Tcl/Tk interface for Ruby 1.9
 rdoc1.9    - Generate documentation from Ruby source files (for Ruby 1.9)
 ri1.9      - Ruby Interactive reference (for Ruby 1.9)
 ruby1.9    - Interpreter of object-oriented scripting language Ruby 1.9
 ruby1.9-dev - Header files for compiling extension modules for the Ruby 1.9
 ruby1.9-elisp - ruby-mode for Emacsen
 ruby1.9-examples - Examples for Ruby 1.9
Closes: 513528
Changes: 
 ruby1.9 (1.9.0.2-9.1) unstable; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add upstream patch to properly check return values of the
     OCSP_basic_verify function (CVE-2009-0642; Closes: #513528)
Checksums-Sha1: 
 cb1458b0b1f65bb54bede16fe726c466b401dd0f 1659 ruby1.9_1.9.0.2-9.1.dsc
 1d755c6a24a48cbc9503f7ce0b61e96f6d50347d 51422 ruby1.9_1.9.0.2-9.1.diff.gz
 13fdc497c7b636c5aca0589666f17476fba1e461 482604 ruby1.9-examples_1.9.0.2-9.1_all.deb
 4125897004597187e3c869c843bc5b39df79753b 448332 ruby1.9-elisp_1.9.0.2-9.1_all.deb
 158dc363f64d5de690cd59f8c9496fe90120aa12 1433074 ri1.9_1.9.0.2-9.1_all.deb
 cc6ea81b05abb9abad666f5049dc47bbb381b9ff 536538 rdoc1.9_1.9.0.2-9.1_all.deb
 202847b61144d3cb0922c7bed0fbb103e7220c50 474040 irb1.9_1.9.0.2-9.1_all.deb
 f8d7f572bcdd7235673c708ba138dd3c307eb787 453156 ruby1.9_1.9.0.2-9.1_amd64.deb
 222498875f83ba2e200652441051373eeb4c5b10 2698066 libruby1.9_1.9.0.2-9.1_amd64.deb
 72b2003927767c197201070800554fb3eeb5c8a3 2525162 libruby1.9-dbg_1.9.0.2-9.1_amd64.deb
 1d16bb33a60b0428e2d18dd1eae308d9c916d06b 1362138 ruby1.9-dev_1.9.0.2-9.1_amd64.deb
 6fccbbed1896eeee7dbebc650ec35f95e53701a4 436840 libdbm-ruby1.9_1.9.0.2-9.1_amd64.deb
 f945caf0ef2426ddfb1eecf737c38a05056ebebe 435914 libgdbm-ruby1.9_1.9.0.2-9.1_amd64.deb
 59d6e9c1ea8084751d4479e1f4d200f6685c17e3 435860 libreadline-ruby1.9_1.9.0.2-9.1_amd64.deb
 8c17a70a428f9cb42919f94ceb9287173544d94f 2188752 libtcltk-ruby1.9_1.9.0.2-9.1_amd64.deb
 75517c7f577ac10dbded38a9911135e37535e923 558954 libopenssl-ruby1.9_1.9.0.2-9.1_amd64.deb
Checksums-Sha256: 
 455e83d52f928646ac36ccf43d3c71882c192ecc6f6bd94418f87d85d8cae245 1659 ruby1.9_1.9.0.2-9.1.dsc
 bd6187327532bfa9232d12d7098901ee20da7dd5c19023996666146d3389f10c 51422 ruby1.9_1.9.0.2-9.1.diff.gz
 c51d5be61aa23e406cca94bdbfe570ea50b4f5382f13e16863d88efbb3529d58 482604 ruby1.9-examples_1.9.0.2-9.1_all.deb
 6a4ede704f155c70d5d9683fcbab7510f6c1178a3abb58729d67990963f6e337 448332 ruby1.9-elisp_1.9.0.2-9.1_all.deb
 555a6dc9a03a704dc74bc1deebe3ad3e35c8024e0721296dbe16c83ee9e5e9cc 1433074 ri1.9_1.9.0.2-9.1_all.deb
 a312330d0c01dbb3d1ecbdf11fab41934b044b9e0471e3f0e6efdcc02397dfab 536538 rdoc1.9_1.9.0.2-9.1_all.deb
 83ad11f43f2a91b5451475b66b8b6ce074678d9fb00bb06236aee559e56c09c8 474040 irb1.9_1.9.0.2-9.1_all.deb
 cf6186e845d69e9bf8cc3f4e8117a867cf7cd0d79ee8f8d06bfeb81414083a7d 453156 ruby1.9_1.9.0.2-9.1_amd64.deb
 a43d8808257a4033721a5b15a4c5afaa65a7cf5d89da29950f0f4925df979adc 2698066 libruby1.9_1.9.0.2-9.1_amd64.deb
 abe47dbcc3cb9b689eb20101c636ba13c229763c65ce34709255fca8c5f13d7a 2525162 libruby1.9-dbg_1.9.0.2-9.1_amd64.deb
 02d0053617001edfbbde0a33333324e879d61dd9afd9082f0848509e3a14fd2d 1362138 ruby1.9-dev_1.9.0.2-9.1_amd64.deb
 2f12b2561c2ee38ec1fdf377514c3f28f5d6e121e323039b12576cb27948819c 436840 libdbm-ruby1.9_1.9.0.2-9.1_amd64.deb
 154876fddcfb4cbbb40cd7170f250b01f5986fe826a960942275a2725e053e5b 435914 libgdbm-ruby1.9_1.9.0.2-9.1_amd64.deb
 5fa8bfe55db8eca38076914d33c253cf13c8c34c8baf88e245945e85edb6bcb6 435860 libreadline-ruby1.9_1.9.0.2-9.1_amd64.deb
 3ab2d8ac1d140e30a865761e765dadbe95ac9b70bf59ba42f3edc439473bab3f 2188752 libtcltk-ruby1.9_1.9.0.2-9.1_amd64.deb
 c10afc5cffc9aa21bde8210530f7d077467a15405f648cc27b644b085ce02c2c 558954 libopenssl-ruby1.9_1.9.0.2-9.1_amd64.deb
Files: 
 6a2c32f2e0b35b0b9a504aa5e0e094a0 1659 interpreters optional ruby1.9_1.9.0.2-9.1.dsc
 c9c771faa58ad5449ec9a553231f1804 51422 interpreters optional ruby1.9_1.9.0.2-9.1.diff.gz
 88dffc8ba82abde92ef5a9e0d45339c7 482604 interpreters optional ruby1.9-examples_1.9.0.2-9.1_all.deb
 e4ec9dca680d7186f280c2bace940efc 448332 interpreters optional ruby1.9-elisp_1.9.0.2-9.1_all.deb
 a9025466bc0d1a2b3290281ae632b7e1 1433074 interpreters optional ri1.9_1.9.0.2-9.1_all.deb
 ed6680363e1288fa4995accaea775492 536538 doc optional rdoc1.9_1.9.0.2-9.1_all.deb
 82c1d3c26464993aea93395f59e52b57 474040 interpreters optional irb1.9_1.9.0.2-9.1_all.deb
 80926214aa157e57e20c826ee3ce2a84 453156 interpreters optional ruby1.9_1.9.0.2-9.1_amd64.deb
 c670983c9e921bf827da3287fb7bc0e2 2698066 libs optional libruby1.9_1.9.0.2-9.1_amd64.deb
 cd428d1094479fb210212c6e6fa07ba1 2525162 libdevel extra libruby1.9-dbg_1.9.0.2-9.1_amd64.deb
 639235ceba0b740b2d938f44c8a9aa26 1362138 devel optional ruby1.9-dev_1.9.0.2-9.1_amd64.deb
 7b801e8155ba5904442a28745804265f 436840 interpreters optional libdbm-ruby1.9_1.9.0.2-9.1_amd64.deb
 c6a3fc844f09660fa83d44b169fb75cd 435914 interpreters optional libgdbm-ruby1.9_1.9.0.2-9.1_amd64.deb
 d6e1b73a9d483e06ed77c819c9b69ba4 435860 interpreters optional libreadline-ruby1.9_1.9.0.2-9.1_amd64.deb
 5186b0c16d9b20912229e66f2254ced0 2188752 interpreters optional libtcltk-ruby1.9_1.9.0.2-9.1_amd64.deb
 512290635afe377ba5481e74c5c7f4d5 558954 interpreters optional libopenssl-ruby1.9_1.9.0.2-9.1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknbWVYACgkQHYflSXNkfP9wIQCfUtEJoYJqRSUOFTaCtV7BagTB
Sc4An1g+aDiYt8F4XW80MmKNtbjDDjwD
=v8pP
-----END PGP SIGNATURE-----





Added tag(s) pending. Request was from Anibal Monsalve Salazar <anibal@debian.org> to control@bugs.debian.org. (Sat, 08 Aug 2009 08:06:03 GMT) Full text and rfc822 format available.

Reply sent to akira yamada <akira@debian.org>:
You have taken responsibility. (Thu, 13 Aug 2009 02:00:04 GMT) Full text and rfc822 format available.

Notification sent to Kurt Roeckx <kurt@roeckx.be>:
Bug acknowledged by developer. (Thu, 13 Aug 2009 02:00:04 GMT) Full text and rfc822 format available.

Message #32 received at 513528-close@bugs.debian.org (full text, mbox):

From: akira yamada <akira@debian.org>
To: 513528-close@bugs.debian.org
Subject: Bug#513528: fixed in ruby1.8 1.8.7.72-3lenny1
Date: Thu, 13 Aug 2009 01:53:52 +0000
Source: ruby1.8
Source-Version: 1.8.7.72-3lenny1

We believe that the bug you reported is fixed in the latest version of
ruby1.8, which is due to be installed in the Debian FTP archive:

irb1.8_1.8.7.72-3lenny1_all.deb
  to pool/main/r/ruby1.8/irb1.8_1.8.7.72-3lenny1_all.deb
libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb
libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb
libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb
libruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libruby1.8_1.8.7.72-3lenny1_i386.deb
libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb
rdoc1.8_1.8.7.72-3lenny1_all.deb
  to pool/main/r/ruby1.8/rdoc1.8_1.8.7.72-3lenny1_all.deb
ri1.8_1.8.7.72-3lenny1_all.deb
  to pool/main/r/ruby1.8/ri1.8_1.8.7.72-3lenny1_all.deb
ruby1.8-dev_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/ruby1.8-dev_1.8.7.72-3lenny1_i386.deb
ruby1.8-elisp_1.8.7.72-3lenny1_all.deb
  to pool/main/r/ruby1.8/ruby1.8-elisp_1.8.7.72-3lenny1_all.deb
ruby1.8-examples_1.8.7.72-3lenny1_all.deb
  to pool/main/r/ruby1.8/ruby1.8-examples_1.8.7.72-3lenny1_all.deb
ruby1.8_1.8.7.72-3lenny1.diff.gz
  to pool/main/r/ruby1.8/ruby1.8_1.8.7.72-3lenny1.diff.gz
ruby1.8_1.8.7.72-3lenny1.dsc
  to pool/main/r/ruby1.8/ruby1.8_1.8.7.72-3lenny1.dsc
ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/ruby1.8_1.8.7.72-3lenny1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 513528@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
akira yamada <akira@debian.org> (supplier of updated ruby1.8 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 10 Jul 2009 17:17:38 +0900
Source: ruby1.8
Binary: ruby1.8 libruby1.8 libruby1.8-dbg ruby1.8-dev libdbm-ruby1.8 libgdbm-ruby1.8 libreadline-ruby1.8 libtcltk-ruby1.8 libopenssl-ruby1.8 ruby1.8-examples ruby1.8-elisp ri1.8 rdoc1.8 irb1.8
Architecture: source all i386
Version: 1.8.7.72-3lenny1
Distribution: stable-security
Urgency: high
Maintainer: akira yamada <akira@debian.org>
Changed-By: akira yamada <akira@debian.org>
Description: 
 irb1.8     - Interactive Ruby (for Ruby 1.8)
 libdbm-ruby1.8 - DBM interface for Ruby 1.8
 libgdbm-ruby1.8 - GDBM interface for Ruby 1.8
 libopenssl-ruby1.8 - OpenSSL interface for Ruby 1.8
 libreadline-ruby1.8 - Readline interface for Ruby 1.8
 libruby1.8 - Libraries necessary to run Ruby 1.8
 libruby1.8-dbg - Debugging symbols for Ruby 1.8
 libtcltk-ruby1.8 - Tcl/Tk interface for Ruby 1.8
 rdoc1.8    - Generate documentation from Ruby source files (for Ruby 1.8)
 ri1.8      - Ruby Interactive reference (for Ruby 1.8)
 ruby1.8    - Interpreter of object-oriented scripting language Ruby 1.8
 ruby1.8-dev - Header files for compiling extension modules for the Ruby 1.8
 ruby1.8-elisp - ruby-mode for Emacsen
 ruby1.8-examples - Examples for Ruby 1.8
Closes: 513528 532689
Changes: 
 ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high
 .
   * added patch: 932_CVE-2009-1904 (closes: #532689)
     It fixes BigDecimal DoS vulnerability (CVE-2009-1904).  (backported from
     1.8.7-p172 and 1.8.7-p174)
   * Add upstream patch to properly check return values of the
     OCSP_basic_verify function (CVE-2009-0642; Closes: #513528)
Checksums-Sha1: 
 019896fc78564c7ca9e7fc26635657573ca7dbae 1641 ruby1.8_1.8.7.72-3lenny1.dsc
 fe1c5ffad9924076f36768890255f022c51f9a4e 4805594 ruby1.8_1.8.7.72.orig.tar.gz
 93dfb3ef2703ceb2d209c06ce71c99d1abd2b873 50437 ruby1.8_1.8.7.72-3lenny1.diff.gz
 d2eef4cd8c6e33df4a8e5e85e4c39f0ec5f8493a 308396 ruby1.8-examples_1.8.7.72-3lenny1_all.deb
 dabfde68046edd664760ec79e4af21787e154956 278076 ruby1.8-elisp_1.8.7.72-3lenny1_all.deb
 58e08a9062b7908c9157402f505d34eaad5db3e8 1410008 ri1.8_1.8.7.72-3lenny1_all.deb
 267ee10293a73405547768781fed964abfebe58c 378512 rdoc1.8_1.8.7.72-3lenny1_all.deb
 9ed5bb7367f3637e6c83d9ecd43e02203c19959a 304454 irb1.8_1.8.7.72-3lenny1_all.deb
 77b980aaf7dde6eee79e7511990e699ddaf9bcfc 283524 ruby1.8_1.8.7.72-3lenny1_i386.deb
 646fd704be4d68c2d84d59d55aee92b53ea53f2d 1674552 libruby1.8_1.8.7.72-3lenny1_i386.deb
 b048c66e81aa924f195ee04efcc0ed9484410fef 1448898 libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb
 942158602c531647ccdf3c0a2839b6738b28e59d 824762 ruby1.8-dev_1.8.7.72-3lenny1_i386.deb
 4fa0b4e821591fd61f56fce1c3ad96654cd2edca 264712 libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 a8d83283f83a44311ad6662b77c0f16613d23ea8 263564 libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 16e221e8712ede5524352214ab94b7080d639ac8 263846 libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb
 fe5cb22c08e0a72e3c183d996462e5aff10d07e1 1996318 libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb
 fd3db92ad8b44a99ac9fd0c950489f4296eec3b2 378588 libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb
Checksums-Sha256: 
 48e0ede7cf79addfc180d9f064c31b32a7d4fd0ddc36821473b85d613a5bcc82 1641 ruby1.8_1.8.7.72-3lenny1.dsc
 e15ca005076f5d6f91fc856fdfbd071698a4cadac3c6e25855899dba1f6fc5ef 4805594 ruby1.8_1.8.7.72.orig.tar.gz
 5d31dad9baf1b30c9538e7d96228e396249d3b852708c7092f407ab47af18358 50437 ruby1.8_1.8.7.72-3lenny1.diff.gz
 2e465d55db66904639d646895d119bae8f9cabd355f751ae07fe0dc1d003ad28 308396 ruby1.8-examples_1.8.7.72-3lenny1_all.deb
 beb7731a816d690f4d66b5c72da9f5e6688f313daee35a9f72f75b8e82692918 278076 ruby1.8-elisp_1.8.7.72-3lenny1_all.deb
 7ab498541decb7c8fbd2ebbae989858f0c4c594a686c0add94fee739e8221cb7 1410008 ri1.8_1.8.7.72-3lenny1_all.deb
 f635a0d7b32360e6f0ee47f9e1ddd97ba20fde9f92eeef0a2087db03b279f492 378512 rdoc1.8_1.8.7.72-3lenny1_all.deb
 12ec465866683e14017b4f56a61d39bbe7c6efd9d3d383439285afa47c8dba6d 304454 irb1.8_1.8.7.72-3lenny1_all.deb
 81c84515aeb36ca11b1e81e5eb0802e1cbe8f70ba70e3c65ebaeb691dccc397e 283524 ruby1.8_1.8.7.72-3lenny1_i386.deb
 f202ba75436bc9c7e90e3c18c0e8d73a6303d25acd18aa72868577acd3e9a38c 1674552 libruby1.8_1.8.7.72-3lenny1_i386.deb
 5edb6db425fa49b598f243ee3f45e7dc63929a3c05676f7ec7150f53d9357a7d 1448898 libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb
 7ca238218723f81b7ff605ee8bf5f189adc61dc1edbeb78af683a9c009bff204 824762 ruby1.8-dev_1.8.7.72-3lenny1_i386.deb
 26c2cb1930bf1d6811c4be89b308285a3c61effa1b80617220f377e6a1558a80 264712 libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 2d641c255625a077918244e25bb1f7dba7a030a19b1574d6d440f7f817ef67c4 263564 libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 41a2c75f281059886493a6a7a5ce7d2c49a03f754e69458447ab9729413fb493 263846 libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb
 3ebe8ba92536c94ac1303f0e237b0b24fae92c0ddaa49fc9c516f209af2926e8 1996318 libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb
 f72d8bc8bbe80c46d5169d3f768b89763a5e86041a6252e0cd0a060a6a7cc34e 378588 libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb
Files: 
 ee8fab4977d9a8ceeb4d54d8f801983a 1641 interpreters optional ruby1.8_1.8.7.72-3lenny1.dsc
 5e5b7189674b3a7f69401284f6a7a36d 4805594 interpreters optional ruby1.8_1.8.7.72.orig.tar.gz
 b176db79acaea95b6263c3971e2bda49 50437 interpreters optional ruby1.8_1.8.7.72-3lenny1.diff.gz
 3c1217cfaaebd3d72bb696c3d309a6fb 308396 interpreters optional ruby1.8-examples_1.8.7.72-3lenny1_all.deb
 eaed4e326f77664ecd3824c0e749ee89 278076 interpreters optional ruby1.8-elisp_1.8.7.72-3lenny1_all.deb
 e6fd2021bd625212a9eb86a3853e9f44 1410008 interpreters optional ri1.8_1.8.7.72-3lenny1_all.deb
 22c353a878ab290a440b2ad3527bddf8 378512 doc optional rdoc1.8_1.8.7.72-3lenny1_all.deb
 ea1fb3987035a3cf40739a44ca6e3133 304454 interpreters optional irb1.8_1.8.7.72-3lenny1_all.deb
 d7086ed4eb7e99ec76df318d1e8a421c 283524 interpreters optional ruby1.8_1.8.7.72-3lenny1_i386.deb
 b916f4042c77ce78132458d65f94d0c0 1674552 libs optional libruby1.8_1.8.7.72-3lenny1_i386.deb
 d01cda762af82e639be488de872738ab 1448898 libdevel extra libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb
 a4efdf9dcf2d2187e31a46a05060dfa9 824762 devel optional ruby1.8-dev_1.8.7.72-3lenny1_i386.deb
 df9ea6fdead207738cf353d93244c308 264712 interpreters optional libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 e3f86af4c0db7384a5ce3349598557fb 263564 interpreters optional libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 b2978963f37844f3a6044ffc25dd1f9c 263846 interpreters optional libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb
 b4ce32eb0c4723fa0c7e1f3e6e9ade0e 1996318 interpreters optional libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb
 68d3bcf256702167fca19d689ba10e0c 378588 interpreters optional libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKgpevXzkxpuIT8aARApR/AJ4n2WJyjZ9GGmNtj2MbCHA4unud0ACfbI11
upKN5RI5rITmWeDk1yBr+I4=
=6wGa
-----END PGP SIGNATURE-----





Reply sent to Lucas Nussbaum <lucas@lucas-nussbaum.net>:
You have taken responsibility. (Mon, 17 Aug 2009 21:00:12 GMT) Full text and rfc822 format available.

Notification sent to Kurt Roeckx <kurt@roeckx.be>:
Bug acknowledged by developer. (Mon, 17 Aug 2009 21:00:12 GMT) Full text and rfc822 format available.

Message #37 received at 513528-close@bugs.debian.org (full text, mbox):

From: Lucas Nussbaum <lucas@lucas-nussbaum.net>
To: 513528-close@bugs.debian.org
Subject: Bug#513528: fixed in ruby1.9.1 1.9.1.243-1
Date: Mon, 17 Aug 2009 20:53:30 +0000
Source: ruby1.9.1
Source-Version: 1.9.1.243-1

We believe that the bug you reported is fixed in the latest version of
ruby1.9.1, which is due to be installed in the Debian FTP archive:

irb1.9.1_1.9.1.243-1_all.deb
  to pool/main/r/ruby1.9.1/irb1.9.1_1.9.1.243-1_all.deb
libdbm-ruby1.9.1_1.9.1.243-1_amd64.deb
  to pool/main/r/ruby1.9.1/libdbm-ruby1.9.1_1.9.1.243-1_amd64.deb
libgdbm-ruby1.9.1_1.9.1.243-1_amd64.deb
  to pool/main/r/ruby1.9.1/libgdbm-ruby1.9.1_1.9.1.243-1_amd64.deb
libopenssl-ruby1.9.1_1.9.1.243-1_amd64.deb
  to pool/main/r/ruby1.9.1/libopenssl-ruby1.9.1_1.9.1.243-1_amd64.deb
libreadline-ruby1.9.1_1.9.1.243-1_amd64.deb
  to pool/main/r/ruby1.9.1/libreadline-ruby1.9.1_1.9.1.243-1_amd64.deb
libruby1.9.1-dbg_1.9.1.243-1_amd64.deb
  to pool/main/r/ruby1.9.1/libruby1.9.1-dbg_1.9.1.243-1_amd64.deb
libruby1.9.1_1.9.1.243-1_amd64.deb
  to pool/main/r/ruby1.9.1/libruby1.9.1_1.9.1.243-1_amd64.deb
libtcltk-ruby1.9.1_1.9.1.243-1_amd64.deb
  to pool/main/r/ruby1.9.1/libtcltk-ruby1.9.1_1.9.1.243-1_amd64.deb
rdoc1.9.1_1.9.1.243-1_all.deb
  to pool/main/r/ruby1.9.1/rdoc1.9.1_1.9.1.243-1_all.deb
ri1.9.1_1.9.1.243-1_all.deb
  to pool/main/r/ruby1.9.1/ri1.9.1_1.9.1.243-1_all.deb
ruby1.9.1-dev_1.9.1.243-1_amd64.deb
  to pool/main/r/ruby1.9.1/ruby1.9.1-dev_1.9.1.243-1_amd64.deb
ruby1.9.1-elisp_1.9.1.243-1_all.deb
  to pool/main/r/ruby1.9.1/ruby1.9.1-elisp_1.9.1.243-1_all.deb
ruby1.9.1-examples_1.9.1.243-1_all.deb
  to pool/main/r/ruby1.9.1/ruby1.9.1-examples_1.9.1.243-1_all.deb
ruby1.9.1_1.9.1.243-1.diff.gz
  to pool/main/r/ruby1.9.1/ruby1.9.1_1.9.1.243-1.diff.gz
ruby1.9.1_1.9.1.243-1.dsc
  to pool/main/r/ruby1.9.1/ruby1.9.1_1.9.1.243-1.dsc
ruby1.9.1_1.9.1.243-1_amd64.deb
  to pool/main/r/ruby1.9.1/ruby1.9.1_1.9.1.243-1_amd64.deb
ruby1.9.1_1.9.1.243.orig.tar.gz
  to pool/main/r/ruby1.9.1/ruby1.9.1_1.9.1.243.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 513528@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Lucas Nussbaum <lucas@lucas-nussbaum.net> (supplier of updated ruby1.9.1 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 30 Jul 2009 01:24:03 +0200
Source: ruby1.9.1
Binary: ruby1.9.1 libruby1.9.1 libruby1.9.1-dbg ruby1.9.1-dev libdbm-ruby1.9.1 libgdbm-ruby1.9.1 libreadline-ruby1.9.1 libtcltk-ruby1.9.1 libopenssl-ruby1.9.1 ruby1.9.1-examples ruby1.9.1-elisp ri1.9.1 rdoc1.9.1 irb1.9.1
Architecture: source all amd64
Version: 1.9.1.243-1
Distribution: unstable
Urgency: low
Maintainer: akira yamada <akira@debian.org>
Changed-By: Lucas Nussbaum <lucas@lucas-nussbaum.net>
Description: 
 irb1.9.1   - Interactive Ruby (for Ruby 1.9.1)
 libdbm-ruby1.9.1 - DBM interface for Ruby 1.9.1
 libgdbm-ruby1.9.1 - GDBM interface for Ruby 1.9.1
 libopenssl-ruby1.9.1 - OpenSSL interface for Ruby 1.9.1
 libreadline-ruby1.9.1 - Readline interface for Ruby 1.9.1
 libruby1.9.1 - Libraries necessary to run Ruby 1.9.1
 libruby1.9.1-dbg - Debugging symbols for Ruby 1.9.1
 libtcltk-ruby1.9.1 - Tcl/Tk interface for Ruby 1.9.1
 rdoc1.9.1  - Generate documentation from Ruby source files (for Ruby 1.9.1)
 ri1.9.1    - Ruby Interactive reference (for Ruby 1.9.1)
 ruby1.9.1  - Interpreter of object-oriented scripting language Ruby 1.9.1
 ruby1.9.1-dev - Header files for compiling extension modules for the Ruby 1.9.1
 ruby1.9.1-elisp - ruby-mode for Emacsen
 ruby1.9.1-examples - Examples for Ruby 1.9
Closes: 498977 510914 513528 514695 514696
Changes: 
 ruby1.9.1 (1.9.1.243-1) unstable; urgency=low
 .
   [ Daigo Moriwaki ]
   * debian/watch: corrected to follow the new versioning by the upstream such
     as 1.9.1-p0.tar.gz
   * Added debian/patches/090301_r22440_OCSP_basic_verify.dpatch  Not properly
     checking the return value of OCSP_basic_verify (Closes: #513528)
   * Added debian/patches/090803_exclude_rdoc.dpatch to avoid errors to
     for generating RDoc documents.
   * debian/fixshebang.sh: skip non-text files, which works around hanging of
     sed on scanning gif images.
   * The upstream's COPYING* is no longer installed (due to Debian policy).
     That informatin is included in debian/copyright.
   * debian/ruby1.9.1-elisp.emacsen-{remove|startup|install}: Corrected the
     package name.
 .
   [ Lucas Nussbaum ]
   * Build-Depends on procps. Closes: #510914.
   * Added patch 940_test_thread_mutex_sync_shorter: makes
     test_mutex_synchronize much shorter to deal with slow arches.
     Closes: #514696.
   * Added patch 940_hppa_disable_test_propag_signal: disable
     test_should_propagate signal on hppa.
     Closes: #514695.
   * Checked that 1.9.1.0 fixes CVE-2008-3905. Closes: #498977.
   * debian/patches cleanups. Removed obsolete patches.
   * Added 940_test_file_exhaustive_fails_as_root and
     940_test_priority_fails to deal with test suite failures.
   * Disable 102_skip_test_copy_stream and 104_skip_btest_io:
     I couldn't reproduce the failure on x86-64. Is it arch-specific?
   * common-post-build-arch:: fail if the test suites fail.
   * Fix location of vendor dir in configure option.
     /usr/lib[...], not usr/lib[...].
   * New upstream release: 1.9.1.243.
     + 090301_r22440_OCSP_basic_verify.dpatch no longer needed (was a
       backport)
     + Updated debian/generated-incs/*.
   * Added 090729_fix_Makefile_deps.dpatch: add dependency in common.mk
     between do-install-nodoc and $(PROGRAM).
   * Handle DEB_BUILD_OPTIONS="nocheck" to allow to skip the test suite.
   * Move manpages to debian/manpages/
   * Started the rename from *1.9 to *1.9.1: source package and binary
     packages done.
   * Fix building on lpia (Fixes: #532057).
   * Disable the test suite on hppa since it blocks because of strange
     signal semantics.
   * Bumped Standards-Version to 3.8.2. No changes needed.
   * Agree with ftpmaster's overrides.
Checksums-Sha1: 
 b02cea544532243faed45b45242b03e2cd934db6 1721 ruby1.9.1_1.9.1.243-1.dsc
 9545c175cc72a64cf5efb6f5c0a4a6760ef599e9 9043825 ruby1.9.1_1.9.1.243.orig.tar.gz
 b90b863e7a4630fa225e8529991b25b834ebe3dd 48297 ruby1.9.1_1.9.1.243-1.diff.gz
 699b4eaf2654af0a0e8b4316e90c638c258e382c 617258 ruby1.9.1-examples_1.9.1.243-1_all.deb
 8272c2bb08a00f05412245e6a7fd11042b0c2378 583306 ruby1.9.1-elisp_1.9.1.243-1_all.deb
 d5e7e27c5862a3be4e398d5d0cf846e1395783a4 1645356 ri1.9.1_1.9.1.243-1_all.deb
 417e828bdddb353ae31df002eb51175474261933 681640 rdoc1.9.1_1.9.1.243-1_all.deb
 895bee7cfd00071db01a839d7eb5539e2c807f71 608900 irb1.9.1_1.9.1.243-1_all.deb
 a98deeb1edd8c38b5df3116655c26a83f0a2ddcf 588880 ruby1.9.1_1.9.1.243-1_amd64.deb
 6e39bae0019f4d31c11e895abfd6112ee5fa0558 3573038 libruby1.9.1_1.9.1.243-1_amd64.deb
 4f1a0c5913ecb83a29d7d332c4ad09016ada83b7 3643896 libruby1.9.1-dbg_1.9.1.243-1_amd64.deb
 e6a0d66925444f9e524e42bd48aea3c24d3d4a97 1560630 ruby1.9.1-dev_1.9.1.243-1_amd64.deb
 00d0a7008c863c3b6cbd3913f866bc66c8b63a12 569746 libdbm-ruby1.9.1_1.9.1.243-1_amd64.deb
 2f0a14037836200a09e1d0d11ee8064e233370e6 568652 libgdbm-ruby1.9.1_1.9.1.243-1_amd64.deb
 5ff88cc27efc046432d5536088ebd89c6a8c207d 571564 libreadline-ruby1.9.1_1.9.1.243-1_amd64.deb
 6e0bb6d31c44fa3737154f76a3ce72dab010a7e3 2292192 libtcltk-ruby1.9.1_1.9.1.243-1_amd64.deb
 1d434e7bc06942913c9d1d993173743c6d0c144f 691922 libopenssl-ruby1.9.1_1.9.1.243-1_amd64.deb
Checksums-Sha256: 
 a71882095b98ab998392d3f503ce5ac9be33aa2fd761901c2618251435c6377d 1721 ruby1.9.1_1.9.1.243-1.dsc
 31598e37b3962643bec722921644957be6f8fb9a26f6c91fa627bd668ea68be4 9043825 ruby1.9.1_1.9.1.243.orig.tar.gz
 0fcfdbda2a8bfdcbfa547fee4622774284c41d9e89ff2f706b3bb164f572b95d 48297 ruby1.9.1_1.9.1.243-1.diff.gz
 7ca44a3126399abe95df79a99b2eebd88b70d94f9f3ac9c66f3acc2efe23f097 617258 ruby1.9.1-examples_1.9.1.243-1_all.deb
 82241283160b2311fbb443cf42a03f6745666f0ce436ecf13346866f6e41ef87 583306 ruby1.9.1-elisp_1.9.1.243-1_all.deb
 9bb4b06560f88e5494f971e4d4e3aa4c146aeb2b421a21772c0d55a1fd7a0e20 1645356 ri1.9.1_1.9.1.243-1_all.deb
 35d994486c4fb0f4b23d8767042b5ab1920170eddaa32910740e321bdf8ee8fd 681640 rdoc1.9.1_1.9.1.243-1_all.deb
 4cd6097261a1fecf09cf0aad6e4730d3dd922f189335e40e131997b829c228c8 608900 irb1.9.1_1.9.1.243-1_all.deb
 e3dd27c7cfe0efd4ffbe2786aa1c38447052390c8204674680f41d9de3fe9170 588880 ruby1.9.1_1.9.1.243-1_amd64.deb
 d91b8e6acb33288102804b6c35a770abd9c7ace78ad20593cef6b4aec4b804a6 3573038 libruby1.9.1_1.9.1.243-1_amd64.deb
 3a1b4915d9387895747b863c73cd4947f9f625239358263d3e3f876cab8e4871 3643896 libruby1.9.1-dbg_1.9.1.243-1_amd64.deb
 04fc2ea0c15c0d5cf7d5f720164088d7aee2f321539dca890f441cfe74c1eb3f 1560630 ruby1.9.1-dev_1.9.1.243-1_amd64.deb
 43c271eef57d743b6b50942662a42de76640d13c08c4945370ba570893d1846d 569746 libdbm-ruby1.9.1_1.9.1.243-1_amd64.deb
 c6dbc568cecda9e476f15b6974bcaf85196ed5f6c925930372aad1550b395f1f 568652 libgdbm-ruby1.9.1_1.9.1.243-1_amd64.deb
 f3f494e746892722dbe0f0d9d77b412da9dc2426054089c87c655bf42ef2b2c1 571564 libreadline-ruby1.9.1_1.9.1.243-1_amd64.deb
 d36573766395f9dacb3c82952b641bf7b06c7f55ce5588debc1794b5a79e2a99 2292192 libtcltk-ruby1.9.1_1.9.1.243-1_amd64.deb
 541ff6fa231f7f752e38b38249a154b32a5ed5edb7626c8f81f3b8d297a3b63a 691922 libopenssl-ruby1.9.1_1.9.1.243-1_amd64.deb
Files: 
 b6f040569a9badcd5df8d436580b06f0 1721 ruby optional ruby1.9.1_1.9.1.243-1.dsc
 515bfd965814e718c0943abf3dde5494 9043825 ruby optional ruby1.9.1_1.9.1.243.orig.tar.gz
 852405975283419ea5917a24f757e69b 48297 ruby optional ruby1.9.1_1.9.1.243-1.diff.gz
 4035dbc8e527786efb34a62e7a14b4a6 617258 ruby optional ruby1.9.1-examples_1.9.1.243-1_all.deb
 3caa329b700d66f50fa0f4b495070f02 583306 ruby optional ruby1.9.1-elisp_1.9.1.243-1_all.deb
 6bd4d9d1bb11dfc2f5788a2bff18d1dd 1645356 ruby optional ri1.9.1_1.9.1.243-1_all.deb
 b7b1ed9d4ec7ea86504d0f23976b59aa 681640 doc optional rdoc1.9.1_1.9.1.243-1_all.deb
 53c9686178777565d0e848ece4c9a52c 608900 ruby optional irb1.9.1_1.9.1.243-1_all.deb
 3e20932245a0f6dbbc6ec084a8c73c2e 588880 ruby optional ruby1.9.1_1.9.1.243-1_amd64.deb
 a5ab665f0368892ca89d87abfdb5b3d9 3573038 libs optional libruby1.9.1_1.9.1.243-1_amd64.deb
 0e3e5bcbaed01101db9517ff77ba9ddb 3643896 debug extra libruby1.9.1-dbg_1.9.1.243-1_amd64.deb
 510c49cceb9693767c7b457acb42fca4 1560630 ruby optional ruby1.9.1-dev_1.9.1.243-1_amd64.deb
 c8f0951429863868da55924f95db7bcc 569746 ruby optional libdbm-ruby1.9.1_1.9.1.243-1_amd64.deb
 88cd62546e455f1b51b886834c1ea8b9 568652 ruby optional libgdbm-ruby1.9.1_1.9.1.243-1_amd64.deb
 02d51783e2d1b3a9a40fc6e00b3855ae 571564 ruby optional libreadline-ruby1.9.1_1.9.1.243-1_amd64.deb
 b4f3eb28930a124e77b8f1f0351b6a5a 2292192 ruby optional libtcltk-ruby1.9.1_1.9.1.243-1_amd64.deb
 79323f7af87b8ffcf966139d80087b1b 691922 ruby optional libopenssl-ruby1.9.1_1.9.1.243-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkp86UsACgkQNcPj+ukc0lDV+gCeIzARduUWdw4I1g/MB1wHyXmn
c80An0QG495m29R7/Q4xnKnZHOuGngOn
=4egu
-----END PGP SIGNATURE-----





Reply sent to Daigo Moriwaki <daigo@debian.org>:
You have taken responsibility. (Sat, 22 Aug 2009 02:30:06 GMT) Full text and rfc822 format available.

Notification sent to Kurt Roeckx <kurt@roeckx.be>:
Bug acknowledged by developer. (Sat, 22 Aug 2009 02:30:06 GMT) Full text and rfc822 format available.

Message #42 received at 513528-close@bugs.debian.org (full text, mbox):

From: Daigo Moriwaki <daigo@debian.org>
To: 513528-close@bugs.debian.org
Subject: Bug#513528: fixed in ruby1.9 1.9.0.5-1
Date: Sat, 22 Aug 2009 01:59:20 +0000
Source: ruby1.9
Source-Version: 1.9.0.5-1

We believe that the bug you reported is fixed in the latest version of
ruby1.9, which is due to be installed in the Debian FTP archive:

irb1.9_1.9.0.5-1_all.deb
  to pool/main/r/ruby1.9/irb1.9_1.9.0.5-1_all.deb
libdbm-ruby1.9_1.9.0.5-1_amd64.deb
  to pool/main/r/ruby1.9/libdbm-ruby1.9_1.9.0.5-1_amd64.deb
libgdbm-ruby1.9_1.9.0.5-1_amd64.deb
  to pool/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0.5-1_amd64.deb
libopenssl-ruby1.9_1.9.0.5-1_amd64.deb
  to pool/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0.5-1_amd64.deb
libreadline-ruby1.9_1.9.0.5-1_amd64.deb
  to pool/main/r/ruby1.9/libreadline-ruby1.9_1.9.0.5-1_amd64.deb
libruby1.9-dbg_1.9.0.5-1_amd64.deb
  to pool/main/r/ruby1.9/libruby1.9-dbg_1.9.0.5-1_amd64.deb
libruby1.9_1.9.0.5-1_amd64.deb
  to pool/main/r/ruby1.9/libruby1.9_1.9.0.5-1_amd64.deb
libtcltk-ruby1.9_1.9.0.5-1_amd64.deb
  to pool/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0.5-1_amd64.deb
rdoc1.9_1.9.0.5-1_all.deb
  to pool/main/r/ruby1.9/rdoc1.9_1.9.0.5-1_all.deb
ri1.9_1.9.0.5-1_all.deb
  to pool/main/r/ruby1.9/ri1.9_1.9.0.5-1_all.deb
ruby1.9-dev_1.9.0.5-1_amd64.deb
  to pool/main/r/ruby1.9/ruby1.9-dev_1.9.0.5-1_amd64.deb
ruby1.9-elisp_1.9.0.5-1_all.deb
  to pool/main/r/ruby1.9/ruby1.9-elisp_1.9.0.5-1_all.deb
ruby1.9-examples_1.9.0.5-1_all.deb
  to pool/main/r/ruby1.9/ruby1.9-examples_1.9.0.5-1_all.deb
ruby1.9_1.9.0.5-1.diff.gz
  to pool/main/r/ruby1.9/ruby1.9_1.9.0.5-1.diff.gz
ruby1.9_1.9.0.5-1.dsc
  to pool/main/r/ruby1.9/ruby1.9_1.9.0.5-1.dsc
ruby1.9_1.9.0.5-1_amd64.deb
  to pool/main/r/ruby1.9/ruby1.9_1.9.0.5-1_amd64.deb
ruby1.9_1.9.0.5.orig.tar.gz
  to pool/main/r/ruby1.9/ruby1.9_1.9.0.5.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 513528@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daigo Moriwaki <daigo@debian.org> (supplier of updated ruby1.9 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 22 Aug 2009 09:55:25 +0900
Source: ruby1.9
Binary: ruby1.9 libruby1.9 libruby1.9-dbg ruby1.9-dev libdbm-ruby1.9 libgdbm-ruby1.9 libreadline-ruby1.9 libtcltk-ruby1.9 libopenssl-ruby1.9 ruby1.9-examples ruby1.9-elisp ri1.9 rdoc1.9 irb1.9
Architecture: source all amd64
Version: 1.9.0.5-1
Distribution: unstable
Urgency: low
Maintainer: akira yamada <akira@debian.org>
Changed-By: Daigo Moriwaki <daigo@debian.org>
Description: 
 irb1.9     - Interactive Ruby (for Ruby 1.9)
 libdbm-ruby1.9 - DBM interface for Ruby 1.9
 libgdbm-ruby1.9 - GDBM interface for Ruby 1.9
 libopenssl-ruby1.9 - OpenSSL interface for Ruby 1.9
 libreadline-ruby1.9 - Readline interface for Ruby 1.9
 libruby1.9 - Libraries necessary to run Ruby 1.9
 libruby1.9-dbg - Debugging symbols for Ruby 1.9
 libtcltk-ruby1.9 - Tcl/Tk interface for Ruby 1.9
 rdoc1.9    - Generate documentation from Ruby source files (for Ruby 1.9)
 ri1.9      - Ruby Interactive reference (for Ruby 1.9)
 ruby1.9    - Interpreter of object-oriented scripting language Ruby 1.9
 ruby1.9-dev - Header files for compiling extension modules for the Ruby 1.9
 ruby1.9-elisp - ruby-mode for Emacsen
 ruby1.9-examples - Examples for Ruby 1.9
Closes: 510914 513528 514695 514696 532057 541026
Changes: 
 ruby1.9 (1.9.0.5-1) unstable; urgency=low
 .
   [ Daigo Moriwaki ]
   * debian/watch: corrected to follow the new versioning by the upstream such
     as 1.9.1-p0.tar.gz
   * Added debian/patches/090301_r22440_OCSP_basic_verify.dpatch: It did not
     properly check the return value from the OCSP_basic_verify function, which
     might allow remote attackers to successfully present an invalid X.509
     certificate, possibly involving a revoked certificate. [CVE-2009-0642]
     (Closes: #513528)
   * debian/rules:
     - fixshebang.sh runs on bash.
     - The upstream's COPYING* is no longer installed (due to Debian policy).
       That information is included in debian/copyright.
   * debian/patches/090803_exclude_rdoc.dpatch: ported from the ruby1.9.1
     package.
   * debian/control: Added misc depends.
   * debian/compat: Bumpled up the version to 7.
 .
   [ Lucas Nussbaum ]
   * New upstream release.
     + *.inc updated.
     + no longer needed (were backports):
       - 101_parse_rb
       - 103_array_c_r17570_to_r17756
       - 301_dns_spoofing_r18424
       - 302_r18220_webrick_DoS
       - 303_r17726_syslog_safeleve4
       - 304_r17577_trace_var_safeleve4
       - 305_r18496_dl_tain
       - 306_r17586_methods_called_safelevel13
       - 307_r19033_rexml_DoS
       - 308_regexp_segv
       - 930_zero_tainted
     + Refreshed:
       - 919_common.mk_tweaks
     + 102_skip_test_copy_stream: file changed upstream, might no
       longer be needed.
   * Fix building on lpia (Closes: #532057).
   * Disable the test suite on hppa since it blocks because of strange
     signal semantics. (Closes: #514695).
   * Agree with ftpmaster's overrides.
   * Bumped Standards-Version to 3.8.2. No changes needed.
   * Build-Depends on procps. Closes: #510914.
   * debian/fixshebang.sh: skip non-text files, which works around
     hanging of sed on scanning gif images.
   * Added 940_test_file_exhaustive_fails_as_root and
     940_test_priority_fails to deal with test suite failures.
   * Added patch 940_test_thread_mutex_sync_shorter: makes
     test_mutex_synchronize much shorter to deal with slow arches.
     Closes: #514696.
   * Removed Fumitoshi UKAI <ukai@debian.or.jp> from Uploaders. Thanks a
     lot for the past help! Closes: #541026.
Checksums-Sha1: 
 8a4989249a77a12e7d303ab560f5d1d823da800e 1629 ruby1.9_1.9.0.5-1.dsc
 efe207006a9c084a88e631c9e441108a3fa566c7 7341741 ruby1.9_1.9.0.5.orig.tar.gz
 eaf5ee4ae002117d874dab0a90db98171cdd5f35 54403 ruby1.9_1.9.0.5-1.diff.gz
 e57c0964e120f767e6cb8d03fdafa5a131c4f009 553394 ruby1.9-examples_1.9.0.5-1_all.deb
 cc8c9190a391a0eb35226834343be3018672944e 519012 ruby1.9-elisp_1.9.0.5-1_all.deb
 99df4d30563fbd3ba2fbbafe6f3f84734576db27 1535690 ri1.9_1.9.0.5-1_all.deb
 be0cd05a66cbfafd68b763ebfe2d3560f06b14fb 616678 rdoc1.9_1.9.0.5-1_all.deb
 bec84d49c2af222eaa4ae93e82d0d2771fd0508b 543668 irb1.9_1.9.0.5-1_all.deb
 78535f0562e69ce81dfe4a72ac52a6cd534f47f3 520640 ruby1.9_1.9.0.5-1_amd64.deb
 bd5db4becdc72bc0932e3022d603b01ff31e5c39 5919634 libruby1.9_1.9.0.5-1_amd64.deb
 afc107a2375161c16cf0d01157647f71015e3c34 497324 libruby1.9-dbg_1.9.0.5-1_amd64.deb
 55877b8a5492d6ea88bbf99ba87e0669b1baff9a 1466102 ruby1.9-dev_1.9.0.5-1_amd64.deb
 2d1a0766cb6293d8980eecc55a072293af02021d 506066 libdbm-ruby1.9_1.9.0.5-1_amd64.deb
 d034817227835e3899f3e0cc0dd9fb816bb978e6 505090 libgdbm-ruby1.9_1.9.0.5-1_amd64.deb
 cff670fbd342435d55c594e7ab09a721c0bad07e 507918 libreadline-ruby1.9_1.9.0.5-1_amd64.deb
 5649f3e895479c496c431f2f1166a30fbca1e19d 2230782 libtcltk-ruby1.9_1.9.0.5-1_amd64.deb
 c85bb99e72a94eab36b69d24ca3910e66537470e 628564 libopenssl-ruby1.9_1.9.0.5-1_amd64.deb
Checksums-Sha256: 
 ed6ba1021494c5c2e30b2dfa21803a6652988ffd4e3079172615ecb08994e60c 1629 ruby1.9_1.9.0.5-1.dsc
 a22dab43ef392ae57329823152f238d2b64cea09ff3eca087230d8c94e9bf8ea 7341741 ruby1.9_1.9.0.5.orig.tar.gz
 66267456aa1e733bb7033ac5e7917adf85a07ed3f1671deaa7d8c0c4e111c3a2 54403 ruby1.9_1.9.0.5-1.diff.gz
 b824a8030796a1bde0ebb61e8018021a5643437526b06edbc916e3c0a14d31d6 553394 ruby1.9-examples_1.9.0.5-1_all.deb
 c148d407254c8017c74592f9fac733521b17363bb0420834458e02c8e69a7bc9 519012 ruby1.9-elisp_1.9.0.5-1_all.deb
 a114c38ed207fa79b6a3565dc6638bd48d5463bad1b5b970c35a2891c090dcce 1535690 ri1.9_1.9.0.5-1_all.deb
 08903bdc0de33627dbaae22ae8eeea3af63e66775d4e2e90799bf6a07b7ee11c 616678 rdoc1.9_1.9.0.5-1_all.deb
 a5828c76595172091944db0c8183ff6ce62271d331b95e97f3efce561e92f651 543668 irb1.9_1.9.0.5-1_all.deb
 e13dcc06b58f91b446c8e55b2d35a203b7db66d69c567ef647b73e3a0c94b38f 520640 ruby1.9_1.9.0.5-1_amd64.deb
 88b62174d3d04b706cb86876933e4dda9146c2d504e18a34c80a775cfc00fbd1 5919634 libruby1.9_1.9.0.5-1_amd64.deb
 f7410957a252df1466c928da23c48d560b37d400e78707af581b346ea5d41993 497324 libruby1.9-dbg_1.9.0.5-1_amd64.deb
 71ec42414d50ceeefc3adc99dfd31765aca6be1c587e9563864fee38023c35a2 1466102 ruby1.9-dev_1.9.0.5-1_amd64.deb
 7a3186fbd397397ea91a8dbaa0abe447dddd8e444ee3a41c63c41591a800d7ca 506066 libdbm-ruby1.9_1.9.0.5-1_amd64.deb
 9b3c533d162346cf8a9391c8b1ceb518d0dc69f4f8ec9d74b233764ceff64e7a 505090 libgdbm-ruby1.9_1.9.0.5-1_amd64.deb
 3cebb4d84342dbca70929ef2616cd60a73e66e43b27b0b996346feb1cc9136fb 507918 libreadline-ruby1.9_1.9.0.5-1_amd64.deb
 e34443b15b7710e3d518d72fd8d08f74ae42f064eaad951878c0b210f01d3fcb 2230782 libtcltk-ruby1.9_1.9.0.5-1_amd64.deb
 c043dad493cee872dbf46e3448e494d792c470b076ca7905e7fa697ee16ac547 628564 libopenssl-ruby1.9_1.9.0.5-1_amd64.deb
Files: 
 ed6512aeaa8de91ce1bda8de968d9d6a 1629 ruby optional ruby1.9_1.9.0.5-1.dsc
 d7fe45dbdce8ab4d6e5c0466246d1e94 7341741 ruby optional ruby1.9_1.9.0.5.orig.tar.gz
 7bc996a4a3ca2269e12f201036bd810c 54403 ruby optional ruby1.9_1.9.0.5-1.diff.gz
 e778b3f72027d47e9d708dbebbba0dda 553394 ruby optional ruby1.9-examples_1.9.0.5-1_all.deb
 c38c3a53a58864919eab07be5c8f9504 519012 ruby optional ruby1.9-elisp_1.9.0.5-1_all.deb
 4dbbcf5f896b3aa278ed26f599060ccb 1535690 ruby optional ri1.9_1.9.0.5-1_all.deb
 384454a25665d3497090e2208e02dc87 616678 doc optional rdoc1.9_1.9.0.5-1_all.deb
 3b6772c9e3ce8c002a0c4edecc77416a 543668 ruby optional irb1.9_1.9.0.5-1_all.deb
 5899fada5a459f1c6f082af484d568da 520640 ruby optional ruby1.9_1.9.0.5-1_amd64.deb
 65a18c3747bf011e53400a1153b4a9f5 5919634 ruby optional libruby1.9_1.9.0.5-1_amd64.deb
 c25734c4206d06782468f3b5f5edafc0 497324 debug extra libruby1.9-dbg_1.9.0.5-1_amd64.deb
 dd71442aefb5d37b13999050f4c10173 1466102 ruby optional ruby1.9-dev_1.9.0.5-1_amd64.deb
 b3ccff6884e870c2a67f2d2d2213396b 506066 ruby optional libdbm-ruby1.9_1.9.0.5-1_amd64.deb
 2a46eb848ff2f744fcfb31a5e84719fa 505090 ruby optional libgdbm-ruby1.9_1.9.0.5-1_amd64.deb
 c7e46162fc8dc46569f7eba73346437d 507918 ruby optional libreadline-ruby1.9_1.9.0.5-1_amd64.deb
 7e23dad117d5cb9f3244e48a9b39887b 2230782 ruby optional libtcltk-ruby1.9_1.9.0.5-1_amd64.deb
 d38790c7bdc1f1c92c767d099df6a027 628564 ruby optional libopenssl-ruby1.9_1.9.0.5-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqPTWsACgkQNcPj+ukc0lCgfQCfa5SZBHU4QsV7/meWPJtun7Q5
/IUAoMeTH3kCHNPbqifG01qK7gmN4pwO
=9NCr
-----END PGP SIGNATURE-----





Reply sent to akira yamada <akira@debian.org>:
You have taken responsibility. (Fri, 04 Sep 2009 19:21:15 GMT) Full text and rfc822 format available.

Notification sent to Kurt Roeckx <kurt@roeckx.be>:
Bug acknowledged by developer. (Fri, 04 Sep 2009 19:21:15 GMT) Full text and rfc822 format available.

Message #47 received at 513528-close@bugs.debian.org (full text, mbox):

From: akira yamada <akira@debian.org>
To: 513528-close@bugs.debian.org
Subject: Bug#513528: fixed in ruby1.8 1.8.7.72-3lenny1
Date: Fri, 04 Sep 2009 18:32:47 +0000
Source: ruby1.8
Source-Version: 1.8.7.72-3lenny1

We believe that the bug you reported is fixed in the latest version of
ruby1.8, which is due to be installed in the Debian FTP archive:

irb1.8_1.8.7.72-3lenny1_all.deb
  to pool/main/r/ruby1.8/irb1.8_1.8.7.72-3lenny1_all.deb
libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb
libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb
libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb
libruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libruby1.8_1.8.7.72-3lenny1_i386.deb
libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb
rdoc1.8_1.8.7.72-3lenny1_all.deb
  to pool/main/r/ruby1.8/rdoc1.8_1.8.7.72-3lenny1_all.deb
ri1.8_1.8.7.72-3lenny1_all.deb
  to pool/main/r/ruby1.8/ri1.8_1.8.7.72-3lenny1_all.deb
ruby1.8-dev_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/ruby1.8-dev_1.8.7.72-3lenny1_i386.deb
ruby1.8-elisp_1.8.7.72-3lenny1_all.deb
  to pool/main/r/ruby1.8/ruby1.8-elisp_1.8.7.72-3lenny1_all.deb
ruby1.8-examples_1.8.7.72-3lenny1_all.deb
  to pool/main/r/ruby1.8/ruby1.8-examples_1.8.7.72-3lenny1_all.deb
ruby1.8_1.8.7.72-3lenny1.diff.gz
  to pool/main/r/ruby1.8/ruby1.8_1.8.7.72-3lenny1.diff.gz
ruby1.8_1.8.7.72-3lenny1.dsc
  to pool/main/r/ruby1.8/ruby1.8_1.8.7.72-3lenny1.dsc
ruby1.8_1.8.7.72-3lenny1_i386.deb
  to pool/main/r/ruby1.8/ruby1.8_1.8.7.72-3lenny1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 513528@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
akira yamada <akira@debian.org> (supplier of updated ruby1.8 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 10 Jul 2009 17:17:38 +0900
Source: ruby1.8
Binary: ruby1.8 libruby1.8 libruby1.8-dbg ruby1.8-dev libdbm-ruby1.8 libgdbm-ruby1.8 libreadline-ruby1.8 libtcltk-ruby1.8 libopenssl-ruby1.8 ruby1.8-examples ruby1.8-elisp ri1.8 rdoc1.8 irb1.8
Architecture: source all i386
Version: 1.8.7.72-3lenny1
Distribution: stable-security
Urgency: high
Maintainer: akira yamada <akira@debian.org>
Changed-By: akira yamada <akira@debian.org>
Description: 
 irb1.8     - Interactive Ruby (for Ruby 1.8)
 libdbm-ruby1.8 - DBM interface for Ruby 1.8
 libgdbm-ruby1.8 - GDBM interface for Ruby 1.8
 libopenssl-ruby1.8 - OpenSSL interface for Ruby 1.8
 libreadline-ruby1.8 - Readline interface for Ruby 1.8
 libruby1.8 - Libraries necessary to run Ruby 1.8
 libruby1.8-dbg - Debugging symbols for Ruby 1.8
 libtcltk-ruby1.8 - Tcl/Tk interface for Ruby 1.8
 rdoc1.8    - Generate documentation from Ruby source files (for Ruby 1.8)
 ri1.8      - Ruby Interactive reference (for Ruby 1.8)
 ruby1.8    - Interpreter of object-oriented scripting language Ruby 1.8
 ruby1.8-dev - Header files for compiling extension modules for the Ruby 1.8
 ruby1.8-elisp - ruby-mode for Emacsen
 ruby1.8-examples - Examples for Ruby 1.8
Closes: 513528 532689
Changes: 
 ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high
 .
   * added patch: 932_CVE-2009-1904 (closes: #532689)
     It fixes BigDecimal DoS vulnerability (CVE-2009-1904).  (backported from
     1.8.7-p172 and 1.8.7-p174)
   * Add upstream patch to properly check return values of the
     OCSP_basic_verify function (CVE-2009-0642; Closes: #513528)
Checksums-Sha1: 
 019896fc78564c7ca9e7fc26635657573ca7dbae 1641 ruby1.8_1.8.7.72-3lenny1.dsc
 fe1c5ffad9924076f36768890255f022c51f9a4e 4805594 ruby1.8_1.8.7.72.orig.tar.gz
 93dfb3ef2703ceb2d209c06ce71c99d1abd2b873 50437 ruby1.8_1.8.7.72-3lenny1.diff.gz
 d2eef4cd8c6e33df4a8e5e85e4c39f0ec5f8493a 308396 ruby1.8-examples_1.8.7.72-3lenny1_all.deb
 dabfde68046edd664760ec79e4af21787e154956 278076 ruby1.8-elisp_1.8.7.72-3lenny1_all.deb
 58e08a9062b7908c9157402f505d34eaad5db3e8 1410008 ri1.8_1.8.7.72-3lenny1_all.deb
 267ee10293a73405547768781fed964abfebe58c 378512 rdoc1.8_1.8.7.72-3lenny1_all.deb
 9ed5bb7367f3637e6c83d9ecd43e02203c19959a 304454 irb1.8_1.8.7.72-3lenny1_all.deb
 77b980aaf7dde6eee79e7511990e699ddaf9bcfc 283524 ruby1.8_1.8.7.72-3lenny1_i386.deb
 646fd704be4d68c2d84d59d55aee92b53ea53f2d 1674552 libruby1.8_1.8.7.72-3lenny1_i386.deb
 b048c66e81aa924f195ee04efcc0ed9484410fef 1448898 libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb
 942158602c531647ccdf3c0a2839b6738b28e59d 824762 ruby1.8-dev_1.8.7.72-3lenny1_i386.deb
 4fa0b4e821591fd61f56fce1c3ad96654cd2edca 264712 libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 a8d83283f83a44311ad6662b77c0f16613d23ea8 263564 libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 16e221e8712ede5524352214ab94b7080d639ac8 263846 libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb
 fe5cb22c08e0a72e3c183d996462e5aff10d07e1 1996318 libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb
 fd3db92ad8b44a99ac9fd0c950489f4296eec3b2 378588 libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb
Checksums-Sha256: 
 48e0ede7cf79addfc180d9f064c31b32a7d4fd0ddc36821473b85d613a5bcc82 1641 ruby1.8_1.8.7.72-3lenny1.dsc
 e15ca005076f5d6f91fc856fdfbd071698a4cadac3c6e25855899dba1f6fc5ef 4805594 ruby1.8_1.8.7.72.orig.tar.gz
 5d31dad9baf1b30c9538e7d96228e396249d3b852708c7092f407ab47af18358 50437 ruby1.8_1.8.7.72-3lenny1.diff.gz
 2e465d55db66904639d646895d119bae8f9cabd355f751ae07fe0dc1d003ad28 308396 ruby1.8-examples_1.8.7.72-3lenny1_all.deb
 beb7731a816d690f4d66b5c72da9f5e6688f313daee35a9f72f75b8e82692918 278076 ruby1.8-elisp_1.8.7.72-3lenny1_all.deb
 7ab498541decb7c8fbd2ebbae989858f0c4c594a686c0add94fee739e8221cb7 1410008 ri1.8_1.8.7.72-3lenny1_all.deb
 f635a0d7b32360e6f0ee47f9e1ddd97ba20fde9f92eeef0a2087db03b279f492 378512 rdoc1.8_1.8.7.72-3lenny1_all.deb
 12ec465866683e14017b4f56a61d39bbe7c6efd9d3d383439285afa47c8dba6d 304454 irb1.8_1.8.7.72-3lenny1_all.deb
 81c84515aeb36ca11b1e81e5eb0802e1cbe8f70ba70e3c65ebaeb691dccc397e 283524 ruby1.8_1.8.7.72-3lenny1_i386.deb
 f202ba75436bc9c7e90e3c18c0e8d73a6303d25acd18aa72868577acd3e9a38c 1674552 libruby1.8_1.8.7.72-3lenny1_i386.deb
 5edb6db425fa49b598f243ee3f45e7dc63929a3c05676f7ec7150f53d9357a7d 1448898 libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb
 7ca238218723f81b7ff605ee8bf5f189adc61dc1edbeb78af683a9c009bff204 824762 ruby1.8-dev_1.8.7.72-3lenny1_i386.deb
 26c2cb1930bf1d6811c4be89b308285a3c61effa1b80617220f377e6a1558a80 264712 libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 2d641c255625a077918244e25bb1f7dba7a030a19b1574d6d440f7f817ef67c4 263564 libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 41a2c75f281059886493a6a7a5ce7d2c49a03f754e69458447ab9729413fb493 263846 libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb
 3ebe8ba92536c94ac1303f0e237b0b24fae92c0ddaa49fc9c516f209af2926e8 1996318 libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb
 f72d8bc8bbe80c46d5169d3f768b89763a5e86041a6252e0cd0a060a6a7cc34e 378588 libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb
Files: 
 ee8fab4977d9a8ceeb4d54d8f801983a 1641 interpreters optional ruby1.8_1.8.7.72-3lenny1.dsc
 5e5b7189674b3a7f69401284f6a7a36d 4805594 interpreters optional ruby1.8_1.8.7.72.orig.tar.gz
 b176db79acaea95b6263c3971e2bda49 50437 interpreters optional ruby1.8_1.8.7.72-3lenny1.diff.gz
 3c1217cfaaebd3d72bb696c3d309a6fb 308396 interpreters optional ruby1.8-examples_1.8.7.72-3lenny1_all.deb
 eaed4e326f77664ecd3824c0e749ee89 278076 interpreters optional ruby1.8-elisp_1.8.7.72-3lenny1_all.deb
 e6fd2021bd625212a9eb86a3853e9f44 1410008 interpreters optional ri1.8_1.8.7.72-3lenny1_all.deb
 22c353a878ab290a440b2ad3527bddf8 378512 doc optional rdoc1.8_1.8.7.72-3lenny1_all.deb
 ea1fb3987035a3cf40739a44ca6e3133 304454 interpreters optional irb1.8_1.8.7.72-3lenny1_all.deb
 d7086ed4eb7e99ec76df318d1e8a421c 283524 interpreters optional ruby1.8_1.8.7.72-3lenny1_i386.deb
 b916f4042c77ce78132458d65f94d0c0 1674552 libs optional libruby1.8_1.8.7.72-3lenny1_i386.deb
 d01cda762af82e639be488de872738ab 1448898 libdevel extra libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb
 a4efdf9dcf2d2187e31a46a05060dfa9 824762 devel optional ruby1.8-dev_1.8.7.72-3lenny1_i386.deb
 df9ea6fdead207738cf353d93244c308 264712 interpreters optional libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 e3f86af4c0db7384a5ce3349598557fb 263564 interpreters optional libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb
 b2978963f37844f3a6044ffc25dd1f9c 263846 interpreters optional libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb
 b4ce32eb0c4723fa0c7e1f3e6e9ade0e 1996318 interpreters optional libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb
 68d3bcf256702167fca19d689ba10e0c 378588 interpreters optional libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKgpevXzkxpuIT8aARApR/AJ4n2WJyjZ9GGmNtj2MbCHA4unud0ACfbI11
upKN5RI5rITmWeDk1yBr+I4=
=6wGa
-----END PGP SIGNATURE-----





Reply sent to akira yamada <akira@debian.org>:
You have taken responsibility. (Thu, 17 Dec 2009 00:42:18 GMT) Full text and rfc822 format available.

Notification sent to Kurt Roeckx <kurt@roeckx.be>:
Bug acknowledged by developer. (Thu, 17 Dec 2009 00:42:18 GMT) Full text and rfc822 format available.

Message #52 received at 513528-close@bugs.debian.org (full text, mbox):

From: akira yamada <akira@debian.org>
To: 513528-close@bugs.debian.org
Subject: Bug#513528: fixed in ruby1.9 1.9.0.2-9lenny1
Date: Thu, 17 Dec 2009 00:39:08 +0000
Source: ruby1.9
Source-Version: 1.9.0.2-9lenny1

We believe that the bug you reported is fixed in the latest version of
ruby1.9, which is due to be installed in the Debian FTP archive:

irb1.9_1.9.0.2-9lenny1_all.deb
  to main/r/ruby1.9/irb1.9_1.9.0.2-9lenny1_all.deb
libdbm-ruby1.9_1.9.0.2-9lenny1_i386.deb
  to main/r/ruby1.9/libdbm-ruby1.9_1.9.0.2-9lenny1_i386.deb
libgdbm-ruby1.9_1.9.0.2-9lenny1_i386.deb
  to main/r/ruby1.9/libgdbm-ruby1.9_1.9.0.2-9lenny1_i386.deb
libopenssl-ruby1.9_1.9.0.2-9lenny1_i386.deb
  to main/r/ruby1.9/libopenssl-ruby1.9_1.9.0.2-9lenny1_i386.deb
libreadline-ruby1.9_1.9.0.2-9lenny1_i386.deb
  to main/r/ruby1.9/libreadline-ruby1.9_1.9.0.2-9lenny1_i386.deb
libruby1.9-dbg_1.9.0.2-9lenny1_i386.deb
  to main/r/ruby1.9/libruby1.9-dbg_1.9.0.2-9lenny1_i386.deb
libruby1.9_1.9.0.2-9lenny1_i386.deb
  to main/r/ruby1.9/libruby1.9_1.9.0.2-9lenny1_i386.deb
libtcltk-ruby1.9_1.9.0.2-9lenny1_i386.deb
  to main/r/ruby1.9/libtcltk-ruby1.9_1.9.0.2-9lenny1_i386.deb
rdoc1.9_1.9.0.2-9lenny1_all.deb
  to main/r/ruby1.9/rdoc1.9_1.9.0.2-9lenny1_all.deb
ri1.9_1.9.0.2-9lenny1_all.deb
  to main/r/ruby1.9/ri1.9_1.9.0.2-9lenny1_all.deb
ruby1.9-dev_1.9.0.2-9lenny1_i386.deb
  to main/r/ruby1.9/ruby1.9-dev_1.9.0.2-9lenny1_i386.deb
ruby1.9-elisp_1.9.0.2-9lenny1_all.deb
  to main/r/ruby1.9/ruby1.9-elisp_1.9.0.2-9lenny1_all.deb
ruby1.9-examples_1.9.0.2-9lenny1_all.deb
  to main/r/ruby1.9/ruby1.9-examples_1.9.0.2-9lenny1_all.deb
ruby1.9_1.9.0.2-9lenny1.diff.gz
  to main/r/ruby1.9/ruby1.9_1.9.0.2-9lenny1.diff.gz
ruby1.9_1.9.0.2-9lenny1.dsc
  to main/r/ruby1.9/ruby1.9_1.9.0.2-9lenny1.dsc
ruby1.9_1.9.0.2-9lenny1_i386.deb
  to main/r/ruby1.9/ruby1.9_1.9.0.2-9lenny1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 513528@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
akira yamada <akira@debian.org> (supplier of updated ruby1.9 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 10 Jul 2009 16:21:55 +0900
Source: ruby1.9
Binary: ruby1.9 libruby1.9 libruby1.9-dbg ruby1.9-dev libdbm-ruby1.9 libgdbm-ruby1.9 libreadline-ruby1.9 libtcltk-ruby1.9 libopenssl-ruby1.9 ruby1.9-examples ruby1.9-elisp ri1.9 rdoc1.9 irb1.9
Architecture: source all i386
Version: 1.9.0.2-9lenny1
Distribution: stable-security
Urgency: high
Maintainer: akira yamada <akira@debian.org>
Changed-By: akira yamada <akira@debian.org>
Description: 
 irb1.9     - Interactive Ruby (for Ruby 1.9)
 libdbm-ruby1.9 - DBM interface for Ruby 1.9
 libgdbm-ruby1.9 - GDBM interface for Ruby 1.9
 libopenssl-ruby1.9 - OpenSSL interface for Ruby 1.9
 libreadline-ruby1.9 - Readline interface for Ruby 1.9
 libruby1.9 - Libraries necessary to run Ruby 1.9
 libruby1.9-dbg - Debugging symbols for Ruby 1.9
 libtcltk-ruby1.9 - Tcl/Tk interface for Ruby 1.9
 rdoc1.9    - Generate documentation from Ruby source files (for Ruby 1.9)
 ri1.9      - Ruby Interactive reference (for Ruby 1.9)
 ruby1.9    - Interpreter of object-oriented scripting language Ruby 1.9
 ruby1.9-dev - Header files for compiling extension modules for the Ruby 1.9
 ruby1.9-elisp - ruby-mode for Emacsen
 ruby1.9-examples - Examples for Ruby 1.9
Closes: 513528
Changes: 
 ruby1.9 (1.9.0.2-9lenny1) stable-security; urgency=high
 .
   * added patch: 932_CVE-2009-1904 (ref: #532689)
     It fixes BigDecimal DoS vulnerability (CVE-2009-1904).  (backported from
     1.8.7-p172 and 1.8.7-p174)
   * Add upstream patch to properly check return values of the
     OCSP_basic_verify function (CVE-2009-0642; Closes: #513528)
Checksums-Sha1: 
 27a98fcc1e28a0e21b76329c8d1af0806b0e52e5 1667 ruby1.9_1.9.0.2-9lenny1.dsc
 7582f8e68cdd3e8fdf8ade842a5ed0be0fc01ed7 6407910 ruby1.9_1.9.0.2.orig.tar.gz
 3de190f66b32ba2c2e1dd35c42726a64254d59ea 53625 ruby1.9_1.9.0.2-9lenny1.diff.gz
 9a44a891740e01f0b833eef9ef73d0bc6168c0dd 481818 ruby1.9-examples_1.9.0.2-9lenny1_all.deb
 4fc654f77c472d4a91885b5a3e27e46db2e9c76c 449352 ruby1.9-elisp_1.9.0.2-9lenny1_all.deb
 2aed878754fdd7a5e01f75092648185a93750a27 1431978 ri1.9_1.9.0.2-9lenny1_all.deb
 93a983318e7312a5c125412de6f18b04de78dd73 536898 rdoc1.9_1.9.0.2-9lenny1_all.deb
 e8d7fc7bd7be338e7d5c32ac886f85aecc555908 474392 irb1.9_1.9.0.2-9lenny1_all.deb
 50268c69ab118753b60859205896cceeee1eb272 452186 ruby1.9_1.9.0.2-9lenny1_i386.deb
 be869215f3432ff8599e4c0badec97653356b479 2553242 libruby1.9_1.9.0.2-9lenny1_i386.deb
 6f74b92dc461fbad1b89e9ba748aef69e77dd1e1 2329338 libruby1.9-dbg_1.9.0.2-9lenny1_i386.deb
 25e3ac9c8ff43b26510325758e5312c93fc34c21 1310038 ruby1.9-dev_1.9.0.2-9lenny1_i386.deb
 7e1ad26e67915ced02f0a942b80a32afb3933123 435492 libdbm-ruby1.9_1.9.0.2-9lenny1_i386.deb
 2fb48c7ef0d6f1e5e057117fb10bf6b75674f9c1 434844 libgdbm-ruby1.9_1.9.0.2-9lenny1_i386.deb
 17b0c90c5a7dd91455de18db7fd6c81369bb26db 435116 libreadline-ruby1.9_1.9.0.2-9lenny1_i386.deb
 917b94251d77a10635680e04f78b63b138015cee 2174782 libtcltk-ruby1.9_1.9.0.2-9lenny1_i386.deb
 ddcbf6cf630998998873a2ebfa4a45a467c35fc1 545646 libopenssl-ruby1.9_1.9.0.2-9lenny1_i386.deb
Checksums-Sha256: 
 5db674ae9eb684d35b8d124023deaf77bc5af22d61454cc625b7041a573c7d95 1667 ruby1.9_1.9.0.2-9lenny1.dsc
 f6ec21d1e23e36a7a1c17ae838e1c278cd3896715bc65ceee021261c317451e4 6407910 ruby1.9_1.9.0.2.orig.tar.gz
 d06385c019cf3b481d403da99bb80cf8bb5d15d338312c9b69243663dbb6399b 53625 ruby1.9_1.9.0.2-9lenny1.diff.gz
 46981c1cf6c1891f9a0de051b6a7b29e1fed8dad458fc0e353cdc5d54ef880d4 481818 ruby1.9-examples_1.9.0.2-9lenny1_all.deb
 2583e3cdb1fb7e803b31763e2eda8c44eef874cd3dc79addbef9dd5b3573a2a4 449352 ruby1.9-elisp_1.9.0.2-9lenny1_all.deb
 82e2b578be51a22436b3cb96a284f660f9e947eadede337addec7ee86d24baa6 1431978 ri1.9_1.9.0.2-9lenny1_all.deb
 6a09c17e360981423ce1a0398965d05ddc5eeb083f8279e40df2183b2d8d4f9f 536898 rdoc1.9_1.9.0.2-9lenny1_all.deb
 d2d5cf07168a5539814f65bf0b0d280c6e38b278d5ffd463846e85f7368506ef 474392 irb1.9_1.9.0.2-9lenny1_all.deb
 c3e6627c07fef10eb7a75ed984a6f1eda82717bad302039283aa6fe8780b90fd 452186 ruby1.9_1.9.0.2-9lenny1_i386.deb
 6343fb44302f5ef5c990fb639a0b78105a69670ca62f7068d7ad501c0989399a 2553242 libruby1.9_1.9.0.2-9lenny1_i386.deb
 8cc78960278c7b8ce6c9ed22f321ea70d90d947eb0bdb5a38f3cf4c47c49a622 2329338 libruby1.9-dbg_1.9.0.2-9lenny1_i386.deb
 d3dbe79703ce9679ac47920df88806bba291cb5b0b7ea96421692fa804a756dc 1310038 ruby1.9-dev_1.9.0.2-9lenny1_i386.deb
 9187c615ace87dc0cb88c504be6a0c2ee2f2b716b617b176d2720e6d91879f0d 435492 libdbm-ruby1.9_1.9.0.2-9lenny1_i386.deb
 c69a5de9136022d0b71be1338c46c2eb580605bcb94c7097fdff92a4a2fe2a55 434844 libgdbm-ruby1.9_1.9.0.2-9lenny1_i386.deb
 6894569c514be593993d3effc4f3b2d23ed0d0b5b23fc12d9c65658bc44e8bf0 435116 libreadline-ruby1.9_1.9.0.2-9lenny1_i386.deb
 15589fe15d912972b9a8eb441cd942f3688db743f9a1711795a7896f2d23be38 2174782 libtcltk-ruby1.9_1.9.0.2-9lenny1_i386.deb
 c35dfe7aadc16169c70533f5521c2b436c47cb05421c2401e33f8080e47dd968 545646 libopenssl-ruby1.9_1.9.0.2-9lenny1_i386.deb
Files: 
 b9f34023c78ac97a7bfeb71919a21faa 1667 interpreters optional ruby1.9_1.9.0.2-9lenny1.dsc
 2a848b81ed1d6393b88eec8aa6173b75 6407910 interpreters optional ruby1.9_1.9.0.2.orig.tar.gz
 d9974ae779b6c65077141cf8522912ee 53625 interpreters optional ruby1.9_1.9.0.2-9lenny1.diff.gz
 4eda15071b908b855b51ab101da6927d 481818 interpreters optional ruby1.9-examples_1.9.0.2-9lenny1_all.deb
 db6093b7d6350cb1a7d1483825b4187b 449352 interpreters optional ruby1.9-elisp_1.9.0.2-9lenny1_all.deb
 9bb7a68928048b7688f75c9eedb6a17b 1431978 interpreters optional ri1.9_1.9.0.2-9lenny1_all.deb
 a183ca85e9b28a2655b5cfd5407fcc8c 536898 doc optional rdoc1.9_1.9.0.2-9lenny1_all.deb
 0e46640cd57c61869af57e9313bcce50 474392 interpreters optional irb1.9_1.9.0.2-9lenny1_all.deb
 f66d0514c262e3ae88fa42edc3dd1732 452186 interpreters optional ruby1.9_1.9.0.2-9lenny1_i386.deb
 901952b2e983e310f2592708d2ab7cad 2553242 libs optional libruby1.9_1.9.0.2-9lenny1_i386.deb
 4b26c9cfcc4bd214f9c7ced72c1de45b 2329338 libdevel extra libruby1.9-dbg_1.9.0.2-9lenny1_i386.deb
 00afb0eff2ce23eecb63b8452cdba7f7 1310038 devel optional ruby1.9-dev_1.9.0.2-9lenny1_i386.deb
 bc971a776f87ad0a34fb4f5817546360 435492 interpreters optional libdbm-ruby1.9_1.9.0.2-9lenny1_i386.deb
 1ae9967dfd597ae8aa3b838a3d7e33a7 434844 interpreters optional libgdbm-ruby1.9_1.9.0.2-9lenny1_i386.deb
 a20f5ac6cfb2d2666eba58458a9a854d 435116 interpreters optional libreadline-ruby1.9_1.9.0.2-9lenny1_i386.deb
 862da330e681290fd870b50581454d17 2174782 interpreters optional libtcltk-ruby1.9_1.9.0.2-9lenny1_i386.deb
 795fdc7c12ab66721ae5fc7fc4e5353f 545646 interpreters optional libopenssl-ruby1.9_1.9.0.2-9lenny1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKgpe6XzkxpuIT8aARAi9dAJ4puxLlgpujO3A3SZsMCRxlcPJs8wCeNPnh
JUoCMvHMmqBUWqpw419/XEI=
=RHvj
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 31 Jan 2010 07:31:37 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 08:40:04 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.