[SECURITY] [DLA 3093-2] rails regression update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3093-2] rails regression update
From: Abhijith PA <abhijith@debian.org>
Date: Thu, 15 Sep 2022 13:28:25 +0530
Message-id: <YyLbIRJq/A1jzWEo@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3093-2                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Abhijith PA
September 15, 2022                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : rails
Version        : 2:5.2.2.1+dfsg-1+deb10u5

The security update announced as DLA 3093-1 which included fix 
for CVE-2022-32224 caused a regression due to incompatibility with 
ruby 2.5 version. We have dropped aforementioned fix. Updated rails 
packages are now available.   

For Debian 10 buster, this problem has been fixed in version
2:5.2.2.1+dfsg-1+deb10u5.

We recommend that you upgrade your rails packages.

For the detailed security status of rails please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/rails

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmMi2yEACgkQhj1N8u2c
KO/v4w/9FToLSewZXVuT0h8Q9bgcvvdyzVvHWHhsAoOwDWi12maBcIZwL4LAQBs1
gVA9kj79aVnBjERXOs/nGZoAY4MiFD+boE1Dh0yROjSaa7uJJtltHjKhJwdatlXn
uw4XKDw6IUvNFjGG3w6bIU4BAQvRjV5Cy7wOGlj2ERFkKALAMX4RC1b7tSy6KHJL
qFnkLHiYukXEheZgNNhiqFn8YRiamaGyXMBMVLxI9ZbXVX4uS46rKEdLs1/+TL7p
gaZfjcZiWd+Cdaeq2UGspgGWO8UMZnbVBKubW9FFvtckIjRszwsqqm93ad7Lkedn
J8Z7Ql8wSRHsm/jzQZaF6wSYltfGjHKTEFapBsK3OUSwtIRe9MP4IZqNFm+cAql3
RxhYTcKTrsIZPjwcViZexlQbQvNNJ7tx/v0IfC6eIC6qXegDkd9Zf9iqaITyzaM4
816OGTitVRTjL7LN/apGl0tNcOiYyTkQg3My9kNP3qbktZxhc3Edb2hJg51aGKI/
5Sh1F7eEpfTrJ8t8XlTB00vUakau0Wk/53IytmqamU2PRifn7fHzfQAw/8Ewx6+k
1JzDsjLZ9YFZGRFEKCS2kLxmUw6Iq3JFt9S3cQgHAObP0wWEysJQvXZQ+P2q3YAj
TXMZDVAMdmqCG6JzE5g9yhgRF5+VUFK4QurY0ZpmlHa8I6py6nw=
=Tg54
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3109-1] nova security update
Next by Date: [SECURITY] [DLA 3110-1] glib2.0 security update
Previous by thread: [SECURITY] [DLA 3109-1] nova security update
Next by thread: [SECURITY] [DLA 3110-1] glib2.0 security update
Index(es):
- Date
- Thread