-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 07 Jun 2016 11:00:04 +0200 Source: ruby2.1 Binary: ruby2.1 libruby2.1 ruby2.1-dev ruby2.1-doc ruby2.1-tcltk Architecture: i386 Version: 2.1.5-2+deb8u3 Distribution: jessie Urgency: low Maintainer: amd64 Build Daemon (binet) Changed-By: Petter Reinholdtsen Description: libruby2.1 - Libraries necessary to run Ruby 2.1 ruby2.1 - Interpreter of object-oriented scripting language Ruby ruby2.1-dev - Header files for compiling extension modules for the Ruby 2.1 ruby2.1-doc - Documentation for Ruby 2.1 ruby2.1-tcltk - Ruby/Tk for Ruby 2.1 Closes: 796344 Changes: ruby2.1 (2.1.5-2+deb8u3) jessie; urgency=low . * Non-maintainer upload to fix security problem. * Fix CVE-2009-5147: DL::dlopen should not open a library with tainted library name in safe mode (Closes: #796344). Based on patch used in DLA-299-1, which was pulled from upstream. * Fix CVE-2015-7551: Fiddle handles should not call functions with tainted function names (Closes: #796344). Patch pulled from upstream. Checksums-Sha1: bcef9c2161ce9c89e5b748ea3f8e869ff0eccdbe 275320 ruby2.1_2.1.5-2+deb8u3_i386.deb 344db379a4efc6a8726cf0cfe28c9b754a4c8155 3417922 libruby2.1_2.1.5-2+deb8u3_i386.deb 99cc0b4a52a5e144dd838bb6d41688d68eececae 1174238 ruby2.1-dev_2.1.5-2+deb8u3_i386.deb 6c39985920962598ecc3e05d23c8dc048e1f5f52 480346 ruby2.1-tcltk_2.1.5-2+deb8u3_i386.deb Checksums-Sha256: a4a4bc893ce5b432175d9c86bd1a0408fa1d73c0b86b5c33855e7b44fb40dc5e 275320 ruby2.1_2.1.5-2+deb8u3_i386.deb 66896fd2d716b9057eb3bcace654fb0d427c5b0208c2d4a6fad23b7748e7a2d5 3417922 libruby2.1_2.1.5-2+deb8u3_i386.deb 9d861c866c5aa2c9c1c17d35c8975ba28f1909292e6c4424cb9d4117ce274011 1174238 ruby2.1-dev_2.1.5-2+deb8u3_i386.deb e8ff20260be212a8533459f38ba02b63b4cb802a86f528bf3f0ffe1df198e559 480346 ruby2.1-tcltk_2.1.5-2+deb8u3_i386.deb Files: 5c5b9099ffcf4545d6417ec2422c6c0f 275320 ruby extra ruby2.1_2.1.5-2+deb8u3_i386.deb 13f0f05776fb302e4445941adc75dafb 3417922 libs extra libruby2.1_2.1.5-2+deb8u3_i386.deb 0ee3bb6e1f2db177aef1b80ed524e902 1174238 ruby extra ruby2.1-dev_2.1.5-2+deb8u3_i386.deb a2853306cab317272b01fc58aad83ecc 480346 ruby extra ruby2.1-tcltk_2.1.5-2+deb8u3_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJXV6MBAAoJEEQSPqnl82l3jDcP/AhXeNMkGuGbqSKi3IebBQaV fENtTQsMj1PDWZ5AndQv1djlO0UsGAWxqZokELp8j9yVJLtOZ7W12Fnn6ZTD7dGH VKPtuY26xSuXsaWxON6DuUzA9aqFqu5QF0DxdAy943QzsvBFi6lt2gVkgiznfiod Z4gS+H/Gztt2/6+q57VN75dTL6XpB3NcXWNUFGDjKaFLNhc5NfpgoH7WGPKLYoWu 1PsZrivFGMNZgSY81G81MTUFUVamd1lnjOwKUddbWD6c3yEFt/ymHAqtjbSeaj3c oNdNamGu9nGo8RvL9faExYYTjeojdWzTtdek5UdwdSHUkgVkWi12oN8jrdLvwX8a Eu+zwcOUwgoDoXn2CLSjmftAapK12TvQoBobojIgivIW1Eko1YMFY2knC6U5UXzg gf0roApAHfF+/N9kdYqM/Yk0U1L6B8J4wdq05fqZlsNTmoLDWJ9/QgLVQFwFp2kG ORYuCe91RV0pADU9DVne5GlUyilTJ/rH5ZHH0VC0C99ejcZ91XlClnH7w0MFaHZa JHLoDRzN/41kNpxj1thbqXfniQlnhjdmyAK+rZPgcicNUAFvPjhIFWlVZPOH+/DR 0ko4ahqIJ+Gc/7keutnEFEnUaR2WkZd3U/Y2xjkZ54j6AGyTiABCCsFUeJTP3frk LBVKiLioWxCz73vye8I7 =vHBR -----END PGP SIGNATURE-----